diff --git a/README.md b/README.md index 5ac7117bd89d..a6534e9d2a29 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,17 @@ Popular applications, provided by [Bitnami](https://bitnami.com), containerized and ready to launch. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? - Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. @@ -62,80 +73,6 @@ docker-compose up -d > [!TIP] > Remember to replace the `APP` placeholder in the example command above with the correct value. -## Announcing General Availability of Bitnami Premium - -### A new commercial version of Bitnami open source containers and Helm charts - -Enterprises that love Bitnami can now purchase a Bitnami Premium subscription from [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=github&utm_medium=containers) and consume the containers and Helm charts right in Docker Hub. Bitnami Premium users will get access to private Docker Hub repositories with the same containers and Helm charts they are used to, plus new commercial features including: - -- Enterprise support for all 500+ Bitnami Premium packages -- All LTS branches of all Bitnami application packages maintained up-to-date -- Unlimited pulls of all Bitnami Premium containers and Helm charts from Docker Hub -- Secure software supply chain metadata including Software Bills of Material (SBOMs), SLSA 3 pipeline validation with in-toto attestations, Notation and Cosign signatures, Build-time CVE and anti-virus scan reports, and more. -- Minimal application runtimes (Node.js, Python, Ruby, Java, ASP.NET, PHP) with comparable and often smaller size than distroless alternatives. - -Alongside the launch of Bitnami Premium, we are making some changes to how we deliver the Bitnami Application Catalog: - -- Unlimited pulls from Docker Hub will no longer be available. Free Bitnami Application Catalog containers and charts will be subject to the same limits as any other Docker Hub repos starting December 16th, 2024. Pulls of Bitnami Premium containers and Helm charts will not count towards your [Docker Hub pull](https://hub.docker.com/usage/pulls) limits or overages. -- Long-term-support (LTS) branches of the software we package will no longer be maintained in the free Bitnami Application Catalog. To continue receiving updates for LTS branches of packages, you will have to upgrade to Bitnami Premium. -- We are improving Bitnami Application Catalog users’ supply chain security through additional integrity checks in our Helm chart installation process. These checks enable users to be aware when they are using containers that were not created and tested by Bitnami. - -These changes enable us to deliver a premium Bitnami experience to our enterprise users who will benefit from support and security metadata, but who do not need the extensive customization that is core to our other commercial offering called [Tanzu Application Catalog](https://www.vmware.com/products/app-platform/tanzu-application-catalog) (TAC). We are committed to continue delivering free Bitnami Application Catalog content to our community of developers and other open source project maintainers over the long term. - -Read on to learn more about Bitnami Premium and the coming changes to the free Bitnami Application Catalog content. - -### New goodness in Bitnami Premium - -Bitnami Premium is a new version of the content packaged by Bitnami that is sold through [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=github&utm_medium=containers). You can connect to an Arrow salesperson if you have any questions or want to purchase access. Once you buy Bitnami Premium, you will be given access to the Bitnami Premium registries in Docker Hub. You can then return to Docker Hub where you will have access to the Bitnami Premium containers, Helm charts, and software supply chain metadata from the new **/bitnamiprem** and **/bitnamichartsprem** orgs. These private repos are what enable you to pull without limits or caps. You will also see containers for all LTS branches continuously maintained up-to-date: for example, you will see PostgreSQL containers for versions 12, 13, 14, 15, 16, and 17; while in the free Bitnami catalog, you will only find version 17. - -#### A middle ground between free Bitnami Application Catalog and Tanzu Application Catalog customized packages - -In Bitnami Premium, all of the applications are built on Debian just as they are in the free Bitnami library. You get the entire library of containers and Helm charts kept up-to-date with the latest changes anywhere in each app from the OS to the application code itself. You can consume the content through Docker Hub where you’ve already been pulling it to date. However, in the Bitnami Premium registries, you will also find important software supply chain security metadata delivered as OCI artifacts alongside the containers and Helm charts. This metadata is useful for enterprises that need third-party open source software to be compliant with policies around auditability, supply chain integrity, and time to remediation of vulnerabilities. - -- **Supply chain security and integrity**: Bitnami Premium containers and Helm charts are built on an SLSA 3 pipeline, with attestations and signatures serving as proof that the software you’re deploying in your clusters is what you expect and has not been tampered with. -- **Software bills of material (SBOMs)**: At both the Helm chart and container levels, SBOMs give you fine-grained insight into the contents of every package. Bitnami Premium also includes build-time CVE scans and anti-virus reports (helpful for our Federal government customers). This will make it far easier to continuously validate the integrity of software supply chains and to track and triage vulnerabilities as they are discovered and patched. -- **Build time CVE scans, anti-virus scans, and more**: also included with Bitnami Premium content are Trivy CVE scan results and ClamAV scan results that satisfy requirements for, among other things, doing business with the US Federal government. You will also find the results of Bitnami’s automated functional tests that run as part of every artifact update, trigger information that specifies why the latest update was released, and more. - -Bitnami Premium differs from Tanzu Application Catalog in that, just like our free Bitnami content, it is a one-size-fits-all library of containers and Helm charts all built on Debian. Tanzu Application Catalog gives you the ability to customize your artifacts along many different dimensions. Some of the key differences include: - -- **Private delivery**: TAC containers and Helm charts are delivered directly to your private registries, or are hosted in a private registry maintained by us that you can pull from. -- **Choose a Linux distro or use your own “golden image”**: TAC gives you the ability to choose among four supported Linux distros: Debian, Ubuntu, RedHat UBI, or VMware’s own PhotonOS. All of the software packages on these distributions are maintained up-to-date and are tested to work in multiple Kubernetes environments as part of the release process. You can also use your own golden image: we’ll build and maintain the artifacts on top of it. For customers that need it, PhotonOS includes FIPS OpenSSL, is STIG-compliant, and includes zero/minimal CVES with VEX statements to triage any remaining ones. -- **App-specific customization**: With TAC, you can inject your own customizations such as user settings, certificates, or plugins into our SLSA 3 pipeline, so the artifacts you receive are truly promotable to production environments. -- **Software knowledge graph**: This keeps track of all your software dependencies at the individual package level. It continuously scans them for vulnerabilities, and organizes them into a searchable graph database so you can see in real-time which versions of which apps are affected and patched. It also includes useful information such as open source licenses, package management ecosystem data, and more. -- **UI and API**: TAC includes access to a user interface where you can add and remove applications from your catalog, and interact with the software knowledge graph to see at-a-glance details about your software. The [TAC API](https://developer.broadcom.com/xapis/application-catalog/latest/) enables you to build information from the software knowledge graph into your pipelines to ensure you are keeping your applications up-to-date with the latest patched applications. - -#### Minimal application runtimes - -Both Bitnami Premium and TAC ship include a set of minimal application runtimes built with only minimal set of dependencies required to run applications in different programming languages. Bitnami Premium minimal application runtimes are based on Debian 12, whereas TAC includes Debian 12 and Photon OS based container images for all the supported programming languages (.NET, Node.js, Java, PHP, Python and Ruby). A scratch-like static container image which is only 3Mb in size and a glibc based container image complete both of this products giving your teams options to run both dynamically and statically compiled applications built in languages like C/C++, Golang or Rust, amongst others. These minimal application runtimes are much smaller in size than their traditional alternatives, have much fewer CVEs and have a smoother maintenance lifecycle due to the minimal dependencies. There are more details about the topic in [this announcement](https://blogs.vmware.com/tanzu/introducing-minimal-application-runtimes-in-tanzu-application-catalog-and-bitnami-premium/). - -### Continuing our long tradition of partnerships - -Since Bitnami’s beginning over a decade ago, our many partnerships have propelled us to be a leading publisher of open source software. Bitnami cloud images drive billions of compute hours annually for our hyperscale cloud partners, for example, and our containers and Helm charts are pulled hundreds of millions of times per month from our partners at Docker Hub. - -We now begin our newest endeavor with [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=github&utm_medium=containers). Arrow is a global leader in IT distribution. Arrow is known for its ability to help businesses navigate the complexities of modern IT landscapes, providing the tools, technology, and expertise needed to drive digital transformation and operational efficiency. - -Arrow will sell Bitnami Premium access through its website. Bitnami users interested in purchasing Bitnami Premium will find a streamlined process to pay, share their Docker Hub user identification, and gain access to the private Bitnami Premium repos in Docker Hub. Bitnami Premium customers can add and remove users through Arrow's support team, as well as submit tickets for enterprise support jointly delivered by the software packaging experts at Arrow and Bitnami. - -### What changes are coming for the free Bitnami library? - -#### Pull limits for free Bitnami content - -Beginning December 16th, 2024, the Bitnami Application Catalog will use [standard Docker Hub pull rate limits](https://docs.docker.com/docker-hub/download-rate-limit/) for Bitnami apps. Enterprise customers will be able to access the full Bitnami library in Bitnami Premium, purchased through Arrow and consumed right in Docker Hub, with no rate limits or restrictions. Note that we are not changing any licenses for our packages, meaning that projects can continue to bundle our Helm charts and containers in their own application packages. - -#### Long Term Support version updates - -Many open source projects we publish packages for have multiple LTS versions supported by their communities. Currently, Bitnami maintains all of these LTS versions up-to-date. Starting December 10th, 2024, we will only continue updating the latest version available for apps in the free Bitnami Application Catalog. This will enable OSS projects and individual/small businesses to continue using the latest versions of Bitnami applications. Bitnami Premium customers who need to continue pulling up-to-date versions of LTS branches can access them in the Bitnami Premium repo in Docker Hub. - -#### Supply chain integrity check in Bitnami Helm charts - -Bitnami has invested hundreds of thousands of developer hours in constructing a world-leading pipeline to build, monitor, update, and test open source software in multiple Kubernetes environments. For these Helm charts to perform as intended, and for them to leverage the many security features built-in, they need to deploy the Bitnami containers they were designed to work with. Therefore, we are adding new checks in the deployment process to check that the containers they were designed to deploy are the ones being deployed. - -### Keep an eye out for more updates - -We are excited to deliver an enhanced experience for [Bitnami Premium](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=github&utm_medium=containers) users, but this is just the beginning. We will continue to build on the value that all of our Bitnami community members, both free and paid, realize through our many years of experience publishing high-quality open source software packages for the world’s developers. - -Keep abreast of our blog for new updates and features, and be sure to check to follow us on [X (formerly Twitter)](https://x.com/bitnami) and [LinkedIn](https://www.linkedin.com/company/bitnami/). - ## Vulnerability scan in Bitnami container images As part of the release process, the Bitnami container images are analyzed for vulnerabilities. At this moment, we are using two different tools: @@ -145,16 +82,6 @@ As part of the release process, the Bitnami container images are analyzed for vu This scanning process is triggered via a GH action for every PR affecting the source code of the containers, regardless of its nature or origin. -## Changes in version support and pull-rate limits in Docker Hub for BItnami containers and Helm charts - -Following the release of Bitnami Premium, we are making some changes in the way we distribute our free catalog. These changes enable us to sustain a viable business while also continuing to serve our community, including other open source projects, with free, high-quality software packages. - -Beginning on December 16th, 2024, Bitnami will no longer subsidize unlimited pulls from the free Bitnami catalog in Docker Hub. Bitnami containers and charts will be subject to standard pull-rate limits and pull caps. Users who upgrade to Bitnami Premium will be able to pull without any limitations on pull rate or pulls per time period, regardless of the type of Docker subscription you have. - -Also on December 10t,h 2024, only the latest stable branch of any container will receive updates in the free Bitnami catalog. Suppose you use a branch of any Bitnami container other than the latest stable. In that case, you can either migrate to the latest stable branch or upgrade to Bitnami Premium to pull the most up-to-date images of all upstream-supported branches. Previous versions already released will not be deleted. They are still available to pull from DockerHub. - -We have partnered with Arrow Electronics as the exclusive vendor of Bitnami Premium. When you purchase a Bitnami Premium subscription through ArrowSphere Marketplace, you will be granted access to the /bitnamiprem and /bitnamichartsprem distribution registries in Docker Hub. To learn more, visit [https://www.arrow.com/globalecs/na/vendors/bitnami](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=github&utm_medium=containers). - ## Retention policy Deprecated assets will be retained in the container registry ([Bitnami DockerHub org](https://hub.docker.com/u/bitnami)) without changes for, at least, 6 months after the deprecation. diff --git a/bitnami/acmesolver/1.17/README.md b/bitnami/acmesolver/1.17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/acmesolver/1.17/README.md +++ b/bitnami/acmesolver/1.17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/acmesolver/README.md b/bitnami/acmesolver/README.md index 46aa430138e3..16e9cbf6fa10 100644 --- a/bitnami/acmesolver/README.md +++ b/bitnami/acmesolver/README.md @@ -16,18 +16,29 @@ docker run --name redis -e ALLOW_EMPTY_PASSWORD=yes bitnami/acmesolver:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Prerequisites Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ACME Solver in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Looking to use ACME Solver in production? Try [VMware Tanzu Application Catalog] Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -59,7 +64,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/airflow/2/README.md b/bitnami/airflow/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/airflow/2/README.md +++ b/bitnami/airflow/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/airflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/airflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/airflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/airflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/airflow/README.md b/bitnami/airflow/README.md index 0a16736d5647..1524f78a8c50 100644 --- a/bitnami/airflow/README.md +++ b/bitnami/airflow/README.md @@ -16,23 +16,28 @@ docker run --name airflow bitnami/airflow:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Airflow in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -420,17 +425,17 @@ docker run -d --name airflow -p 8080:8080 \ To configure Airflow to send email using SMTP you can set the following environment variables: -* `AIRFLOW__SMTP__SMTP_HOST`: Host for outgoing SMTP email. Default: **localhost** -* `AIRFLOW__SMTP__SMTP_PORT`: Port for outgoing SMTP email. Default: **25** -* `AIRFLOW__SMTP__SMTP_STARTTLS`: To use TLS communication. Default: **True** -* `AIRFLOW__SMTP__SMTP_SSL`: To use SSL communication. Default: **False** -* `AIRFLOW__SMTP__SMTP_USER`: User of SMTP used for authentication (likely email). No defaults. -* `AIRFLOW__SMTP__SMTP_PASSWORD`: Password for SMTP. No defaults. -* `AIRFLOW__SMTP__SMTP_MAIL_FROM`: To modify the "from email address". Default: **** +- `AIRFLOW__SMTP__SMTP_HOST`: Host for outgoing SMTP email. Default: **localhost** +- `AIRFLOW__SMTP__SMTP_PORT`: Port for outgoing SMTP email. Default: **25** +- `AIRFLOW__SMTP__SMTP_STARTTLS`: To use TLS communication. Default: **True** +- `AIRFLOW__SMTP__SMTP_SSL`: To use SSL communication. Default: **False** +- `AIRFLOW__SMTP__SMTP_USER`: User of SMTP used for authentication (likely email). No defaults. +- `AIRFLOW__SMTP__SMTP_PASSWORD`: Password for SMTP. No defaults. +- `AIRFLOW__SMTP__SMTP_MAIL_FROM`: To modify the "from email address". Default: **** This would be an example of SMTP configuration using a GMail account: -* docker-compose (application part): +- docker-compose (application part): ```yaml airflow: @@ -453,7 +458,7 @@ This would be an example of SMTP configuration using a GMail account: - 8080:8080 ``` -* For manual execution: +- For manual execution: ```console docker run -d --name airflow -p 8080:8080 \ @@ -477,13 +482,13 @@ docker run -d --name airflow -p 8080:8080 \ ### Starting October 30, 2024 -* The Airflow container now supports running as a Web server, Scheduler or Worker component, so it's no longer necessary to combine this container image with `bitnami/airflow-scheduler` and `bitnami/airflow-worker` in order to use the `CeleryExecutor`. -* The `AIRFLOW_COMPONENT_TYPE` environment variable was introduced to specify the component type. Current supported values are `webserver`, `scheduler` and `worker`, although it's planned to add soon support for `dag-processor` and `triggerer` components. The default value is `webserver`. +- The Airflow container now supports running as a Web server, Scheduler or Worker component, so it's no longer necessary to combine this container image with `bitnami/airflow-scheduler` and `bitnami/airflow-worker` in order to use the `CeleryExecutor`. +- The `AIRFLOW_COMPONENT_TYPE` environment variable was introduced to specify the component type. Current supported values are `webserver`, `scheduler` and `worker`, although it's planned to add soon support for `dag-processor` and `triggerer` components. The default value is `webserver`. ### 1.10.15-debian-10-r17 and 2.0.1-debian-10-r50 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. ## Contributing diff --git a/bitnami/alertmanager/README.md b/bitnami/alertmanager/README.md index 2aa1e2c7589f..bc95e1d33fd4 100644 --- a/bitnami/alertmanager/README.md +++ b/bitnami/alertmanager/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name alertmanager bitnami/alertmanager:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use AlertManager in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use AlertManager in production? Try [VMware Tanzu Application Catalog Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -188,7 +193,7 @@ docker run --name alertmanager bitnami/alertmanager:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/apache-exporter/README.md b/bitnami/apache-exporter/README.md index b7484d7c6429..395da2b266d0 100644 --- a/bitnami/apache-exporter/README.md +++ b/bitnami/apache-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name apache-exporter bitnami/apache-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Apache Exporter in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name apache-exporter bitnami/apache-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/apache/2.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/apache/2.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/apache/2.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/apache/2.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/apache/README.md b/bitnami/apache/README.md index 5f94b8e47892..ecea2df1874b 100644 --- a/bitnami/apache/README.md +++ b/bitnami/apache/README.md @@ -15,14 +15,25 @@ docker run --name apache bitnami/apache:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -154,7 +159,7 @@ Access your web server in the browser by navigating to `http://localhost:8080/`. When you start the Apache image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section: +- For docker-compose add the variable name and value under the application section: ```yaml version: '2' @@ -169,7 +174,7 @@ services: - APACHE_HTTP_PORT_NUMBER=8081 ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console docker run -d --name apache -p 80:8081 -p 443:443 \ @@ -293,7 +298,7 @@ Apache can be used to reverse proxy to other containers using Docker's linking s **Further Reading:** -* [mod_proxy documentation](http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse) +- [mod_proxy documentation](http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse) ## Logging @@ -319,10 +324,10 @@ The Bitnami Apache Docker image is designed to be extended so it can be used as Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](#full-configuration). -* [Using custom SSL certificates](#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](#full-configuration). +- [Using custom SSL certificates](#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -334,10 +339,10 @@ FROM bitnami/apache Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache -* Change the user that runs the container +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache +- Change the user that runs the container ```Dockerfile FROM bitnami/apache @@ -363,9 +368,9 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom virtual host -* Add custom certificates -* Clone your web application and serve it through Apache +- Add a custom virtual host +- Add custom certificates +- Clone your web application and serve it through Apache ```yaml version: '2' @@ -460,31 +465,31 @@ docker-compose up apache ## Useful Links -* [Create An AMP Development Environment With Bitnami Containers +- [Create An AMP Development Environment With Bitnami Containers ](https://docs.bitnami.com/containers/how-to/create-amp-environment-containers/) ## Notable Changes ### 2.4.54-debian-11-r22 -* Removed the [Apache PageSpeed Module (`mod_pagespeed`)](https://developers.google.com/speed/pagespeed/module). +- Removed the [Apache PageSpeed Module (`mod_pagespeed`)](https://developers.google.com/speed/pagespeed/module). ### 2.4.43-debian-10-r66 -* Included [Apache PageSpeed Module (`mod_pagespeed`)](https://developers.google.com/speed/pagespeed/module). It is disabled by default. To enable it, uncomment the following lines in `httpd.conf`: +- Included [Apache PageSpeed Module (`mod_pagespeed`)](https://developers.google.com/speed/pagespeed/module). It is disabled by default. To enable it, uncomment the following lines in `httpd.conf`: ```config ##Include conf/pagespeed.conf ##Include conf/pagespeed_libraries.conf ``` -* Included [ModSecurity v2](https://github.com/SpiderLabs/ModSecurity). It is disabled by default. To enable it, mount and enable your custom ModSecurity rules for the virtual hosts, and uncomment the following line in `httpd.conf`: +- Included [ModSecurity v2](https://github.com/SpiderLabs/ModSecurity). It is disabled by default. To enable it, mount and enable your custom ModSecurity rules for the virtual hosts, and uncomment the following line in `httpd.conf`: ```config ##LoadModule security2_module modules/mod_security2.so ``` -* Included [ModSecurity v3](https://github.com/SpiderLabs/ModSecurity) and [ModSecurity v3 Apache Connector (`mod_security3`)](https://github.com/SpiderLabs/ModSecurity-apache). It is disabled by default. To enable it, mount and enable your custom ModSecurity rules for the virtual hosts, and uncomment the following line in `httpd.conf`: +- Included [ModSecurity v3](https://github.com/SpiderLabs/ModSecurity) and [ModSecurity v3 Apache Connector (`mod_security3`)](https://github.com/SpiderLabs/ModSecurity-apache). It is disabled by default. To enable it, mount and enable your custom ModSecurity rules for the virtual hosts, and uncomment the following line in `httpd.conf`: ```config ##LoadModule security3_module modules/mod_security3.so @@ -492,26 +497,26 @@ docker-compose up apache ### 2.4.41-debian-9-r40 and 2.4.41-ol-7-r42 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. ### 2.4.39-debian-9-r40 and 2.4.39-ol-7-r50 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. Find an example at [Using custom SSL certificates](#using-custom-ssl-certificates). +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. Find an example at [Using custom SSL certificates](#using-custom-ssl-certificates). ### 2.4.34-r8 -* The Apache container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `apache` user. From now on, both the container and the Apache daemon run as user `1001`. As a consequence, the HTTP/HTTPS ports exposed by the container are now 8080/8443 instead of 80/443. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Apache container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `apache` user. From now on, both the container and the Apache daemon run as user `1001`. As a consequence, the HTTP/HTTPS ports exposed by the container are now 8080/8443 instead of 80/443. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 2.4.18-r0 -* The configuration volume has been moved to `/bitnami/apache`. Now you only need to mount a single volume at `/bitnami/apache` for persisting configuration. `/app` is still used for serving content by the default virtual host. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- The configuration volume has been moved to `/bitnami/apache`. Now you only need to mount a single volume at `/bitnami/apache` for persisting configuration. `/app` is still used for serving content by the default virtual host. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ### 2.4.12-4-r01 -* The `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. +- The `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. ## Using `docker-compose.yaml` diff --git a/bitnami/apisix-dashboard/README.md b/bitnami/apisix-dashboard/README.md index 7744eaee1068..ad54d10191e6 100644 --- a/bitnami/apisix-dashboard/README.md +++ b/bitnami/apisix-dashboard/README.md @@ -2,7 +2,7 @@ ## What is Apache APISIX Dashboard? -> Apache APISIX Dashboard is a component of the Apache APISIX chart. Apache APISIX is a high performance API Gateway. The Dashboard allows users to operate Apache APISIX through a frontend interface. +> Apache APISIX Dashboard is a component of the Apache APISIX chart. Apache APISIX is a high performance API Gateway. The Dashboard allows users to operate Apache APISIX through a frontend interface. [Overview of Apache APISIX Dashboard](https://apisix.apache.org/) Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name apisix-dashboard bitnami/apisix-dashboard:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache APISIX Dashboard in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Apache APISIX Dashboard documentation](https://apisix.apache ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/apisix-ingress-controller/README.md b/bitnami/apisix-ingress-controller/README.md index e1d05f85f773..3b03fe1edc7d 100644 --- a/bitnami/apisix-ingress-controller/README.md +++ b/bitnami/apisix-ingress-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name apisix-ingress-controller bitnami/apisix-ingress-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache APISIX Ingress Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Apache APISIX Ingress Controller documentation](https://gith ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/apisix/README.md b/bitnami/apisix/README.md index ce06509c1ea1..9304864fb854 100644 --- a/bitnami/apisix/README.md +++ b/bitnami/apisix/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name apisix bitnami/apisix:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache APISIX in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Apache APISIX documentation](https://apisix.apache.org/docs/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/appsmith/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/appsmith/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/appsmith/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/appsmith/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/appsmith/README.md b/bitnami/appsmith/README.md index 04bb487a3910..6c09b3204c8e 100644 --- a/bitnami/appsmith/README.md +++ b/bitnami/appsmith/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name appsmith bitnami/appsmith:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Appsmith in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -152,7 +157,7 @@ docker-compose up appsmith When you start the Appsmith image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. Please note that some variables are only considered when the container is started for the first time. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/appsmith/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/appsmith/docker-compose.yml) file present in this repository: ```yaml appsmith-api: @@ -162,7 +167,7 @@ When you start the Appsmith image, you can adjust the configuration of the insta ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name appsmith-api -p 80:8080 -p 443:8443 \ @@ -179,9 +184,9 @@ Available environment variables: Appsmith supports three running modes: -* Backend: The Appsmith API. It is the essential functional element of Appsmith. -* RTS: Necessary for performing real-time editing of the applications created by Appsmith. -* Client: Contains the UI of Appsmith. This is the main entrypoint for users. +- Backend: The Appsmith API. It is the essential functional element of Appsmith. +- RTS: Necessary for performing real-time editing of the applications created by Appsmith. +- Client: Contains the UI of Appsmith. This is the main entrypoint for users. The running mode is defined via the `APPSMITH_MODE` environment variable. The possible values are `backend`, `rts` and `client`. @@ -189,7 +194,7 @@ The running mode is defined via the `APPSMITH_MODE` environment variable. The po The Bitnami Appsmith container supports connecting the Appsmith application to an external database. This would be an example of using an external database for Appsmith. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/appsmith/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/appsmith/docker-compose.yml) file present in this repository: ```diff appsmith: @@ -205,7 +210,7 @@ The Bitnami Appsmith container supports connecting the Appsmith application to a ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name appsmith\ diff --git a/bitnami/arangodb/README.md b/bitnami/arangodb/README.md index 0514e661aa22..c2386843bc81 100644 --- a/bitnami/arangodb/README.md +++ b/bitnami/arangodb/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name arangodb bitnami/arangodb:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ArangoDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/argo-cd/2.13/README.md b/bitnami/argo-cd/2.13/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/argo-cd/2.13/README.md +++ b/bitnami/argo-cd/2.13/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/argo-cd/2.14/README.md b/bitnami/argo-cd/2.14/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/argo-cd/2.14/README.md +++ b/bitnami/argo-cd/2.14/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/argo-cd/3.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/argo-cd/3.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/argo-cd/3.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/argo-cd/3.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/argo-cd/README.md b/bitnami/argo-cd/README.md index 1ef28efe321f..985f95fd8d00 100644 --- a/bitnami/argo-cd/README.md +++ b/bitnami/argo-cd/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-cd bitnami/argo-cd:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Argo CD in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Argo CD documentation](https://argo-cd.readthedocs.io/en/sta ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/argo-workflow-cli/README.md b/bitnami/argo-workflow-cli/README.md index 556fc9e4a283..487d281ca84b 100644 --- a/bitnami/argo-workflow-cli/README.md +++ b/bitnami/argo-workflow-cli/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-cli bitnami/argo-workflow-cli ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Argo Workflows in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -110,7 +115,7 @@ Check the [official Argo Workflows CLI documentation](https://argoproj.github.io ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/argo-workflow-controller/README.md b/bitnami/argo-workflow-controller/README.md index 6b082fe1639e..0a67f2d09295 100644 --- a/bitnami/argo-workflow-controller/README.md +++ b/bitnami/argo-workflow-controller/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-controller bitnami/argo-workflow-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Argo Workflow Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -110,7 +115,7 @@ Check the [official Argo Workflows Controller documentation](https://argoproj.gi ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/argo-workflow-exec/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/argo-workflow-exec/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/argo-workflow-exec/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/argo-workflow-exec/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/argo-workflow-exec/README.md b/bitnami/argo-workflow-exec/README.md index 670b07fab1a9..25bac7d07106 100644 --- a/bitnami/argo-workflow-exec/README.md +++ b/bitnami/argo-workflow-exec/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-exec bitnami/argo-workflow-exec:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Argo Workflow Executor in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Argo Workflow Executor in production? Try [VMware Tanzu Applicati Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Argo Workflows Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/argo-workflows). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -106,7 +111,7 @@ Check the [official Argo Workflows Executor documentation](https://argoproj.gith ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/aspnet-core/8/README.md b/bitnami/aspnet-core/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/aspnet-core/8/README.md +++ b/bitnami/aspnet-core/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/aspnet-core/9/debian-12/prebuildfs/opt/bitnami/base/functions b/bitnami/aspnet-core/9/debian-12/prebuildfs/opt/bitnami/base/functions index f2ba91f92ba8..374d02783952 100644 --- a/bitnami/aspnet-core/9/debian-12/prebuildfs/opt/bitnami/base/functions +++ b/bitnami/aspnet-core/9/debian-12/prebuildfs/opt/bitnami/base/functions @@ -117,6 +117,6 @@ print_image_welcome_page() { log "" log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" log "" } diff --git a/bitnami/aspnet-core/README.md b/bitnami/aspnet-core/README.md index 51a7b6aafc3d..63ef33946bea 100644 --- a/bitnami/aspnet-core/README.md +++ b/bitnami/aspnet-core/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name aspnet-core bitnami/aspnet-core:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ASP.NET Core in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/attu/README.md b/bitnami/attu/README.md index 0b205846e04f..405906b1b87d 100644 --- a/bitnami/attu/README.md +++ b/bitnami/attu/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name attu bitnami/attu ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Attu in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Attu documentation](https://github.com/zilliztech/attudocs/) ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/aws-cli/1/README.md b/bitnami/aws-cli/1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/aws-cli/1/README.md +++ b/bitnami/aws-cli/1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/aws-cli/README.md b/bitnami/aws-cli/README.md index 924b6dce9245..20c6e01595be 100644 --- a/bitnami/aws-cli/README.md +++ b/bitnami/aws-cli/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name aws-cli bitnami/aws-cli:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use AWS CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -84,7 +89,7 @@ docker run --rm --name aws-cli -v /path/to/your/aws/config:/.aws/config bitnami/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/azure-cli/README.md b/bitnami/azure-cli/README.md index b0c6b28bfae5..1f42a654d2fc 100644 --- a/bitnami/azure-cli/README.md +++ b/bitnami/azure-cli/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name azure-cli bitnami/azure-cli:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Azure CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -84,7 +89,7 @@ docker run --rm --name azure-cli -v /path/to/your/az/config:/.azure/config bitna ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/blackbox-exporter/README.md b/bitnami/blackbox-exporter/README.md index 24adec885b49..233cea0cbf11 100644 --- a/bitnami/blackbox-exporter/README.md +++ b/bitnami/blackbox-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name blackbox-exporter bitnami/blackbox-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Blackbox Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Blackbox Exporter in production? Try [VMware Tanzu Application Ca Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -189,7 +194,7 @@ docker run --name blackbox-exporter bitnami/blackbox-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/cadvisor/README.md b/bitnami/cadvisor/README.md index 760fe9a725f5..00744d4f7c47 100644 --- a/bitnami/cadvisor/README.md +++ b/bitnami/cadvisor/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cadvisor bitnami/cadvisor:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use cAdvisor in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cainjector/1.17/README.md b/bitnami/cainjector/1.17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cainjector/1.17/README.md +++ b/bitnami/cainjector/1.17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cainjector/README.md b/bitnami/cainjector/README.md index c04514e5d63d..b39c7d15ca9c 100644 --- a/bitnami/cainjector/README.md +++ b/bitnami/cainjector/README.md @@ -16,18 +16,29 @@ docker run --name cainjector -e ALLOW_EMPTY_PASSWORD=yes bitnami/cainjector:late **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Prerequisites Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use CA Injector in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Looking to use CA Injector in production? Try [VMware Tanzu Application Catalog] Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -59,7 +64,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/cassandra-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cassandra-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/cassandra-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/cassandra-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/cassandra-exporter/README.md b/bitnami/cassandra-exporter/README.md index fb265083534e..099e37708a6b 100644 --- a/bitnami/cassandra-exporter/README.md +++ b/bitnami/cassandra-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cassandra-exporter bitnami/cassandra-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cassandra Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Cassandra Exporter in production? Try [VMware Tanzu Application C Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name cassandra-exporter bitnami/cassandra-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/cassandra/4.0/README.md b/bitnami/cassandra/4.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cassandra/4.0/README.md +++ b/bitnami/cassandra/4.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cassandra/4.1/README.md b/bitnami/cassandra/4.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cassandra/4.1/README.md +++ b/bitnami/cassandra/4.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cassandra/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cassandra/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/cassandra/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/cassandra/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/cassandra/README.md b/bitnami/cassandra/README.md index f6dfcfa34465..8d753ed5a28d 100644 --- a/bitnami/cassandra/README.md +++ b/bitnami/cassandra/README.md @@ -15,14 +15,25 @@ docker run --name cassandra bitnami/cassandra:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Cassandra in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Apache Cassandra Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/cassandra). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -256,10 +261,10 @@ docker-compose up -d Additionally, any environment variable beginning with the following prefix will be mapped to its corresponding Apache Cassandra key in the proper file: -* `CASSANDRA_CFG_ENV_`: Will add the corresponding key and the provided value to `cassandra-env.sh`. -* `CASSANDRA_CFG_RACKDC_`: Will add the corresponding key and the provided value to `cassandra-rackdc.properties`. -* `CASSANDRA_CFG_COMMITLOG_`: Will add the corresponding key and the provided value to `commitlog_archiving.properties`. -* `CASSANDRA_CFG_YAML_`: Will add the corresponding key and the provided value to `cassandra.yaml`. +- `CASSANDRA_CFG_ENV_`: Will add the corresponding key and the provided value to `cassandra-env.sh`. +- `CASSANDRA_CFG_RACKDC_`: Will add the corresponding key and the provided value to `cassandra-rackdc.properties`. +- `CASSANDRA_CFG_COMMITLOG_`: Will add the corresponding key and the provided value to `commitlog_archiving.properties`. +- `CASSANDRA_CFG_YAML_`: Will add the corresponding key and the provided value to `cassandra.yaml`. For example, use `CASSANDRA_CFG_RACKDC_PREFER_LOCAL=true` in order to configure `prefer_local` in `cassandra-rackdc.properties`. Or, use `CASSANDRA_CFG_YAML_INTERNODE_COMPRESSION=all` in order to set `internode_compression` to `all` in `cassandra.yaml`. @@ -267,7 +272,7 @@ For example, use `CASSANDRA_CFG_RACKDC_PREFER_LOCAL=true` in order to configure When you start the cassandra image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section: +- For docker-compose add the variable name and value under the application section: ```yaml cassandra: @@ -276,7 +281,7 @@ cassandra: - CASSANDRA_TRANSPORT_PORT_NUMBER=7000 ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console $ docker run --name cassandra -d -p 7000:7000 --network=cassandra_network \ @@ -437,15 +442,15 @@ Refer to the [configuration](http://docs.datastax.com/en/cassandra/3.x/cassandra The Bitnami Apache Cassandra Docker image allows configuring TLS encryption between nodes and between server-client. This is done by mounting in `/bitnami/cassandra/secrets` two files: -* `keystore`: File with the server keystore -* `truststore`: File with the server truststore +- `keystore`: File with the server keystore +- `truststore`: File with the server truststore Apart from that, the following environment variables must be set: -* `CASSANDRA_KEYSTORE_PASSWORD`: Password for accessing the keystore. -* `CASSANDRA_TRUSTSTORE_PASSWORD`: Password for accessing the truststore. -* `CASSANDRA_INTERNODE_ENCRYPTION`: Sets the type of encryption between nodes. The default value is `none`. Can be set to `all`, `none`, `dc` or `rack`. -* `CASSANDRA_CLIENT_ENCRYPTION`: Enables client-server encryption. The default value is `false`. +- `CASSANDRA_KEYSTORE_PASSWORD`: Password for accessing the keystore. +- `CASSANDRA_TRUSTSTORE_PASSWORD`: Password for accessing the truststore. +- `CASSANDRA_INTERNODE_ENCRYPTION`: Sets the type of encryption between nodes. The default value is `none`. Can be set to `all`, `none`, `dc` or `rack`. +- `CASSANDRA_CLIENT_ENCRYPTION`: Enables client-server encryption. The default value is `false`. ## Logging @@ -528,11 +533,11 @@ docker-compose up cassandra ## 3.11.10-debian-10-r81 Split branch 3 -* Branch 3 has been split into branch 3.0 and 3.11 mirroring the upstream Apache Cassandra repo. +- Branch 3 has been split into branch 3.0 and 3.11 mirroring the upstream Apache Cassandra repo. ### 3.11.4-debian-9-r188 and 3.11.4-ol-7-r201 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. ### 3.11.3-r129 @@ -540,7 +545,7 @@ docker-compose up cassandra ### 3.11.2-r22 -* The Apache Cassandra container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache Cassandra daemon was started as the `cassandra` user. From now on, both the container and the Apache Cassandra daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Apache Cassandra container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache Cassandra daemon was started as the `cassandra` user. From now on, both the container and the Apache Cassandra daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Using `docker-compose.yaml` diff --git a/bitnami/cert-manager-webhook/1.17/README.md b/bitnami/cert-manager-webhook/1.17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cert-manager-webhook/1.17/README.md +++ b/bitnami/cert-manager-webhook/1.17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cert-manager-webhook/README.md b/bitnami/cert-manager-webhook/README.md index 62e96eceadab..e86c3405c450 100644 --- a/bitnami/cert-manager-webhook/README.md +++ b/bitnami/cert-manager-webhook/README.md @@ -16,18 +16,29 @@ docker run --name cert-manager-webhook -e ALLOW_EMPTY_PASSWORD=yes bitnami/cert- **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Prerequisites Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use cert-manager Webhook in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Looking to use cert-manager Webhook in production? Try [VMware Tanzu Application Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -59,7 +64,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/cert-manager/1.17/README.md b/bitnami/cert-manager/1.17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cert-manager/1.17/README.md +++ b/bitnami/cert-manager/1.17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cert-manager/README.md b/bitnami/cert-manager/README.md index 1a25d51a8d86..a6a4f0aa96a4 100644 --- a/bitnami/cert-manager/README.md +++ b/bitnami/cert-manager/README.md @@ -16,18 +16,29 @@ docker run --name cert-manager -e ALLOW_EMPTY_PASSWORD=yes bitnami/cert-manager: **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Prerequisites Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use cert-manager in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Looking to use cert-manager in production? Try [VMware Tanzu Application Catalog Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -59,7 +64,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/chainloop-artifact-cas/README.md b/bitnami/chainloop-artifact-cas/README.md index 207bb0fb8905..cf14ed6bcfcd 100644 --- a/bitnami/chainloop-artifact-cas/README.md +++ b/bitnami/chainloop-artifact-cas/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-artifact-cas bitnami/chainloop-artifact-cas:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Chainloop Artifact CAS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Chainloop Artifact CAS in production? Try [VMware Tanzu Applicati Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/chainloop-control-plane-migrations/README.md b/bitnami/chainloop-control-plane-migrations/README.md index f94adcdae999..224fa2dcf374 100644 --- a/bitnami/chainloop-control-plane-migrations/README.md +++ b/bitnami/chainloop-control-plane-migrations/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-control-plane-migrations bitnami/chainloop-control-plane-migrations:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Chainloop Control Plane migrations in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Chainloop Control Plane migrations in production? Try [VMware Tan Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/chainloop-control-plane/README.md b/bitnami/chainloop-control-plane/README.md index 2775ad9e449b..d2b6b135b1ec 100644 --- a/bitnami/chainloop-control-plane/README.md +++ b/bitnami/chainloop-control-plane/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-control-plane bitnami/chainloop-control-plane:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Chainloop in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Chainloop in production? Try [VMware Tanzu Application Catalog](h Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/charts-syncer/README.md b/bitnami/charts-syncer/README.md index 1f9e077f5251..22141fdc65cc 100644 --- a/bitnami/charts-syncer/README.md +++ b/bitnami/charts-syncer/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name charts-syncer bitnami/charts-syncer:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use charts-syncer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use charts-syncer in production? Try [VMware Tanzu Application Catalo Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cilium-operator/README.md b/bitnami/cilium-operator/README.md index aafd720b7013..a8b3b71e6e81 100644 --- a/bitnami/cilium-operator/README.md +++ b/bitnami/cilium-operator/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium-operator bitnami/cilium-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cilium Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Cilium Operator in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cilium-proxy/README.md b/bitnami/cilium-proxy/README.md index 591b9ff634b1..198fc95175a1 100644 --- a/bitnami/cilium-proxy/README.md +++ b/bitnami/cilium-proxy/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium-proxy bitnami/cilium-proxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cilium Proxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cilium/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cilium/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/cilium/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/cilium/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/cilium/README.md b/bitnami/cilium/README.md index 6947fa17335a..88589a2f7619 100644 --- a/bitnami/cilium/README.md +++ b/bitnami/cilium/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium bitnami/cilium:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cilium in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Cilium in production? Try [VMware Tanzu Application Catalog](http Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/clickhouse-keeper/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/clickhouse-keeper/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/clickhouse-keeper/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/clickhouse-keeper/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/clickhouse-keeper/README.md b/bitnami/clickhouse-keeper/README.md index 109232ccfa5c..a35dff9cc0b3 100644 --- a/bitnami/clickhouse-keeper/README.md +++ b/bitnami/clickhouse-keeper/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-keeper bitnami/clickhouse-keeper:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ClickHouse Keeper in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/clickhouse-operator-metrics-exporter/README.md b/bitnami/clickhouse-operator-metrics-exporter/README.md index b4b614aebdd3..d097cb0a188b 100644 --- a/bitnami/clickhouse-operator-metrics-exporter/README.md +++ b/bitnami/clickhouse-operator-metrics-exporter/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-operator-metrics-exporter bitnami/clickhouse-operator-metrics-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ClickHouse Op Metrics exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/clickhouse-operator/README.md b/bitnami/clickhouse-operator/README.md index 88ec5a6eec23..c10adcc615c2 100644 --- a/bitnami/clickhouse-operator/README.md +++ b/bitnami/clickhouse-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-operator bitnami/clickhouse-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ClickHouse Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/clickhouse/24.8/README.md b/bitnami/clickhouse/24.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/clickhouse/24.8/README.md +++ b/bitnami/clickhouse/24.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/clickhouse/25.3/README.md b/bitnami/clickhouse/25.3/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/clickhouse/25.3/README.md +++ b/bitnami/clickhouse/25.3/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/clickhouse/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/clickhouse/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/clickhouse/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/clickhouse/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/clickhouse/README.md b/bitnami/clickhouse/README.md index e68d165affe1..84cfbed4d9f2 100644 --- a/bitnami/clickhouse/README.md +++ b/bitnami/clickhouse/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse bitnami/clickhouse:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ClickHouse in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use ClickHouse in production? Try [VMware Tanzu Application Catalog]( Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami ClickHouse Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/clickhouse). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cloudnative-pg/README.md b/bitnami/cloudnative-pg/README.md index 61eedd524797..dc93d4bc1064 100644 --- a/bitnami/cloudnative-pg/README.md +++ b/bitnami/cloudnative-pg/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cloudnative-pg bitnami/cloudnative-pg:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use CloudNativePG in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cluster-autoscaler/README.md b/bitnami/cluster-autoscaler/README.md index 8e5c61d1df90..eacbb5b398fe 100644 --- a/bitnami/cluster-autoscaler/README.md +++ b/bitnami/cluster-autoscaler/README.md @@ -36,6 +36,17 @@ Please note that Cluster Autoscaler a series of permissions/privileges to adjust > NOTE: Find resources to deploy Cluster Autoscaler on AWS in the [aws-examples](https://github.com/bitnami/containers/tree/main/bitnami/cluster-autoscaler/aws-examples) directory. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +* Granting community users access for the first time to security-optimized versions of popular container images. +* Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +* Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +* For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? * Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. @@ -51,12 +62,6 @@ Looking to use Cluster Autoscaler in production? Try [VMware Tanzu Application C Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/cluster-autoscaler/aws-examples/README.md b/bitnami/cluster-autoscaler/aws-examples/README.md index e094b520660f..9cf38afcd52d 100644 --- a/bitnami/cluster-autoscaler/aws-examples/README.md +++ b/bitnami/cluster-autoscaler/aws-examples/README.md @@ -1,8 +1,8 @@ # Deploy Cluster Autoscaler on AWS > NOTE: If you are pulling from a private containers registry, replace the image name with the full URL to the docker image. E.g. -> -> ``` +> +> ```yaml > containers: > - image: 'your-registry/cluster-autoscaler:your-version' > ``` @@ -15,7 +15,7 @@ kubectl apply -f rbac-requirements.yaml The following K8s resources will be created: -- A **serviceAccount** with name cluster-autoscaler in the `kube-system` namespace. +- A **serviceAccount** with name cluster-autoscaler in the `kube-system` namespace. - A **role** in the `kube-system` namespace. - A **roleBinding** which binds the serviceAccount created with the corresponding role. - A **clusterRole**. diff --git a/bitnami/concourse/README.md b/bitnami/concourse/README.md index c29082afd53a..21a850eba45c 100644 --- a/bitnami/concourse/README.md +++ b/bitnami/concourse/README.md @@ -14,14 +14,25 @@ docker run --name concourse bitnami/concourse:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [PostgreSQL container](https://github.com/bitnami/containers/tree/main/bitnami/postgresql#readme) for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Concourse in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -29,12 +40,6 @@ Looking to use Concourse in production? Try [VMware Tanzu Application Catalog](h Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://docs.bitnami.com/containers/how-to/work-with-non-root-containers/). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/configmap-reload/README.md b/bitnami/configmap-reload/README.md index 924588efe504..1872a4000fca 100644 --- a/bitnami/configmap-reload/README.md +++ b/bitnami/configmap-reload/README.md @@ -11,14 +11,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [ConfigMap Reload](https://github.com/jimmidyson/configmap-reload/blob/master/README.md) on your Kubernetes cluster. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ConfigMap Reload in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -26,12 +37,6 @@ Looking to use ConfigMap Reload in production? Try [VMware Tanzu Application Cat Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -66,7 +71,7 @@ docker build -t bitnami/APP:latest . ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Configuration diff --git a/bitnami/configurable-http-proxy/README.md b/bitnami/configurable-http-proxy/README.md index c162db9cb34a..9c879a056a30 100644 --- a/bitnami/configurable-http-proxy/README.md +++ b/bitnami/configurable-http-proxy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name configurable-http-proxy bitnami/configurable-http-proxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Configurable HTTP Proxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official Configurable HTTP Proxy documentation](https://github.com/ju ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/consul-exporter/README.md b/bitnami/consul-exporter/README.md index 62a893ed83dc..4f7d1713128e 100644 --- a/bitnami/consul-exporter/README.md +++ b/bitnami/consul-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name consul-exporter bitnami/consul-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Consul Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Consul Exporter in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name consul-exporter bitnami/consul-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/consul/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/consul/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/consul/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/consul/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/consul/README.md b/bitnami/consul/README.md index e830ac12bf35..53f8ebdb4112 100644 --- a/bitnami/consul/README.md +++ b/bitnami/consul/README.md @@ -15,14 +15,25 @@ docker run --name consul bitnami/consul:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use HashiCorp Consul in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -353,8 +358,8 @@ docker run -d -e CONSUL_HTTP_PORT_NUMBER=8888 --name consul bitnami/consul:lates In order to load your own configuration files, you will have to make them available to the container. You can do it doing the following: -* Mounting a volume with your custom configuration -* Adding custom configuration via environment variable. +- Mounting a volume with your custom configuration +- Adding custom configuration via environment variable. By default, the configuration of HashiCorp Consul is written to `/opt/bitnami/consul/consul.json` file and persisted with the following content: @@ -517,7 +522,7 @@ Also, some env var changes have been performed maintaining backward compatibilit ### 1.4.0-r16 -* The Consul container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Consul daemon was started as the `consul` user. From now on, both the container and the Consul daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Consul container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Consul daemon was started as the `consul` user. From now on, both the container and the Consul daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Using `docker-compose.yaml` diff --git a/bitnami/contour/1.30/README.md b/bitnami/contour/1.30/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/contour/1.30/README.md +++ b/bitnami/contour/1.30/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/contour/1.31/README.md b/bitnami/contour/1.31/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/contour/1.31/README.md +++ b/bitnami/contour/1.31/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/contour/README.md b/bitnami/contour/README.md index ee807aa77479..123ffb0a3798 100644 --- a/bitnami/contour/README.md +++ b/bitnami/contour/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name contour bitnami/contour:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Contour in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Contour in production? Try [VMware Tanzu Application Catalog](htt Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://docs.bitnami.com/containers/how-to/work-with-non-root-containers/). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -154,11 +159,11 @@ docker run --name contour bitnami/contour:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 1.20.0-debian-10-r8 Rename branch 1.20 -* Branch 1 has been renamed into branch 1.20 in order to follow the upstream [Contour major versions](https://github.com/projectcontour/contour/releases). +- Branch 1 has been renamed into branch 1.20 in order to follow the upstream [Contour major versions](https://github.com/projectcontour/contour/releases). ## Contributing diff --git a/bitnami/cosign/README.md b/bitnami/cosign/README.md index e03dad786b89..1194876cddf0 100644 --- a/bitnami/cosign/README.md +++ b/bitnami/cosign/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name cosign bitnami/cosign ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cosign in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Cosign documentation](https://github.com/sigstore/cosign/tre ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/couchdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/couchdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/couchdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/couchdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/couchdb/README.md b/bitnami/couchdb/README.md index 7524b74ed88b..ee740d7861ae 100644 --- a/bitnami/couchdb/README.md +++ b/bitnami/couchdb/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name couchdb bitnami/couchdb:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use CouchDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use CouchDB in production? Try [VMware Tanzu Application Catalog](htt Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -212,9 +217,9 @@ docker-compose restart couchdb In order to configure CouchDB as a cluster of nodes, please make sure you set proper values for the following environment variables: -* `COUCHDB_NODENAME`. A server alias. It should be different on each container. -* `COUCHDB_CLUSTER_PORT_NUMBER`: Port for cluster communication. Default: **9100** -* `COUCHDB_CREATE_DATABASES`: Whether to create the system databases or not. You should only set it to yes in one of the nodes. Default: **yes** +- `COUCHDB_NODENAME`. A server alias. It should be different on each container. +- `COUCHDB_CLUSTER_PORT_NUMBER`: Port for cluster communication. Default: **9100** +- `COUCHDB_CREATE_DATABASES`: Whether to create the system databases or not. You should only set it to yes in one of the nodes. Default: **yes** ## Logging @@ -234,8 +239,8 @@ The Bitnami CouchDB Docker image is designed to be extended so it can be used as Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the port used by CouchDB by setting the environment variable `COUCHDB_PORT_NUMBER`. -* [Replacing or adding your own configuration files](#mounting-your-own-configuration-files). +- Settings that can be adapted using environment variables. For instance, you can change the port used by CouchDB by setting the environment variable `COUCHDB_PORT_NUMBER`. +- [Replacing or adding your own configuration files](#mounting-your-own-configuration-files). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -247,9 +252,9 @@ FROM bitnami/couchdb Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the port used by CouchDB -* Change the user that runs the container +- Install the `vim` editor +- Modify the port used by CouchDB +- Change the user that runs the container ```Dockerfile FROM bitnami/couchdb @@ -271,7 +276,7 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom configuration file +- Add a custom configuration file ```yaml version: '2' @@ -329,7 +334,7 @@ docker run --name couchdb bitnami/couchdb:latest ### 3.0.0-0-debian-10-r0 -* The usage of 'ALLOW_ANONYMOUS_LOGIN' is now deprecated. Please, specify a password for the admin user (defaults to "admin") by setting the 'COUCHDB_PASSWORD' environment variable. +- The usage of 'ALLOW_ANONYMOUS_LOGIN' is now deprecated. Please, specify a password for the admin user (defaults to "admin") by setting the 'COUCHDB_PASSWORD' environment variable. ## Using `docker-compose.yaml` diff --git a/bitnami/cypress/13/README.md b/bitnami/cypress/13/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/cypress/13/README.md +++ b/bitnami/cypress/13/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cypress/14/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cypress/14/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/cypress/14/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/cypress/14/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/cypress/README.md b/bitnami/cypress/README.md index e401880492c3..22a8bacdf4a1 100644 --- a/bitnami/cypress/README.md +++ b/bitnami/cypress/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name cypress bitnami/cypress ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Cypress in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Cypress in production? Try [VMware Tanzu Application Catalog](htt Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ docker run -it --name cypress -v /path/to/app:/app bitnami/cypress **Further Reading:** -* [cypress documentation](https://www.cypress.io//docs) +- [cypress documentation](https://www.cypress.io//docs) ### Browsers diff --git a/bitnami/deepspeed/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/deepspeed/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/deepspeed/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/deepspeed/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/deepspeed/README.md b/bitnami/deepspeed/README.md index b8f9d31d1332..6e1bca310b0f 100644 --- a/bitnami/deepspeed/README.md +++ b/bitnami/deepspeed/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name deepspeed bitnami/deepspeed:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use DeepSpeed in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official DeepSpeed documentation](https://www.deepspeed.ai/docs/) for ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/dex/README.md b/bitnami/dex/README.md index 67781e8a363f..e7d36bd9383d 100644 --- a/bitnami/dex/README.md +++ b/bitnami/dex/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name dex bitnami/dex ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Dex in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Dex documentation](https://dexidp.io/docs/) for more informa ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/discourse/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/discourse/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/discourse/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/discourse/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/discourse/README.md b/bitnami/discourse/README.md index 1a6c26a49f44..8fcbeade7468 100644 --- a/bitnami/discourse/README.md +++ b/bitnami/discourse/README.md @@ -16,23 +16,28 @@ docker run --name discourse bitnami/discourse:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Discourse® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -256,9 +261,9 @@ docker run -d --name sidekiq \ You can mount your configuration files to the `/opt/bitnami/discourse/mounted-conf` directory. Make sure that your configuration files follow the standardized names used by Discourse. Some of the most common files include: -* `discourse.conf` -* `database.yml` -* `site_settings.yml` +- `discourse.conf` +- `database.yml` +- `site_settings.yml` The set of default standard configuration files may be found [here](https://github.com/discourse/discourse/tree/master/config). You may refer to the the Discourse [webpage](https://www.discourse.org/) for further details and specific configuration guides. @@ -323,7 +328,7 @@ The set of default standard configuration files may be found [here](https://gith When you start the Discourse image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: ```yaml discourse: @@ -333,7 +338,7 @@ When you start the Discourse image, you can adjust the configuration of the inst ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name discourse -p 80:8080 -p 443:8443 \ @@ -349,7 +354,7 @@ When you start the Discourse image, you can adjust the configuration of the inst This would be an example of SMTP configuration using a Gmail account: -* Modify the environment variables used for the `discourse` and `sidekiq` containers in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: +- Modify the environment variables used for the `discourse` and `sidekiq` containers in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: ```yaml discourse: @@ -374,9 +379,9 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: - * First, create the Discourse container: + - First, create the Discourse container: ```console $ docker run -d --name discourse -p 80:8080 -p 443:8443 \ @@ -392,7 +397,7 @@ This would be an example of SMTP configuration using a Gmail account: bitnami/discourse:latest ``` - * Then, create the Sidekiq container: + - Then, create the Sidekiq container: ```console $ docker run -d --name sidekiq \ @@ -422,7 +427,7 @@ See the [documentation on troubleshooting SMTP issues](https://docs.bitnami.com/ The Bitnami Discourse container supports connecting the Discourse application to an external database. This would be an example of using an external database for Discourse. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/discourse/docker-compose.yml) file present in this repository: ```diff discourse: @@ -438,7 +443,7 @@ The Bitnami Discourse container supports connecting the Discourse application to ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name discourse\ @@ -566,20 +571,20 @@ docker-compose up -d ### 2.7.0-debian-10-r4 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. ### 2.4.4-debian-10-r8 release -* Discourse and Sidekiq now make use of the same volume to persist data. This solves issues related to being unable to locate some files generated on-demand by the Sidekiq job scheduler. +- Discourse and Sidekiq now make use of the same volume to persist data. This solves issues related to being unable to locate some files generated on-demand by the Sidekiq job scheduler. ### 2.3.2-debian-9-r48 and 2.3.2-ol-7-r47 -* The Discourse container now uses Passenger's ['direct' process spawning method](https://www.phusionpassenger.com/docs/advanced_guides/in_depth/ruby/spawn_methods.html) (instead of the default 'smart'), which fixes a bug where settings would randomly revert back to the original values. This setting may cause an increase in memory usage. It is possible to configure the spawning method by setting the `DISCOURSE_PASSENGER_SPAWN_METHOD` environment variable. +- The Discourse container now uses Passenger's ['direct' process spawning method](https://www.phusionpassenger.com/docs/advanced_guides/in_depth/ruby/spawn_methods.html) (instead of the default 'smart'), which fixes a bug where settings would randomly revert back to the original values. This setting may cause an increase in memory usage. It is possible to configure the spawning method by setting the `DISCOURSE_PASSENGER_SPAWN_METHOD` environment variable. ### 2.2.5-debian-9-r9 and 2.2.5-ol-7-r8 -* It is now possible to import existing Discourse databases from other installations. In order to do this, use the environment variable `DISCOURSE_SKIP_INSTALL`, which forces the container not to run the initial Discourse setup wizard. +- It is now possible to import existing Discourse databases from other installations. In order to do this, use the environment variable `DISCOURSE_SKIP_INSTALL`, which forces the container not to run the initial Discourse setup wizard. ## Contributing diff --git a/bitnami/dotnet-sdk/8/README.md b/bitnami/dotnet-sdk/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/dotnet-sdk/8/README.md +++ b/bitnami/dotnet-sdk/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/dotnet-sdk/9/debian-12/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet-sdk/9/debian-12/prebuildfs/opt/bitnami/base/functions index f2ba91f92ba8..374d02783952 100644 --- a/bitnami/dotnet-sdk/9/debian-12/prebuildfs/opt/bitnami/base/functions +++ b/bitnami/dotnet-sdk/9/debian-12/prebuildfs/opt/bitnami/base/functions @@ -117,6 +117,6 @@ print_image_welcome_page() { log "" log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" log "" } diff --git a/bitnami/dotnet-sdk/README.md b/bitnami/dotnet-sdk/README.md index ee056dd733a0..fddac33b03ad 100644 --- a/bitnami/dotnet-sdk/README.md +++ b/bitnami/dotnet-sdk/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name dotnet-sdk bitnami/dotnet-sdk:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use .NET SDK in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/dotnet/8/README.md b/bitnami/dotnet/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/dotnet/8/README.md +++ b/bitnami/dotnet/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/dotnet/9/debian-12/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet/9/debian-12/prebuildfs/opt/bitnami/base/functions index f2ba91f92ba8..374d02783952 100644 --- a/bitnami/dotnet/9/debian-12/prebuildfs/opt/bitnami/base/functions +++ b/bitnami/dotnet/9/debian-12/prebuildfs/opt/bitnami/base/functions @@ -117,6 +117,6 @@ print_image_welcome_page() { log "" log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" log "" } diff --git a/bitnami/dotnet/README.md b/bitnami/dotnet/README.md index 8563ba82b731..bfa538665c51 100644 --- a/bitnami/dotnet/README.md +++ b/bitnami/dotnet/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name dotnet bitnami/dotnet:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use .NET in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/dremio/25/README.md b/bitnami/dremio/25/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/dremio/25/README.md +++ b/bitnami/dremio/25/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/dremio/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/dremio/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/dremio/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/dremio/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/dremio/README.md b/bitnami/dremio/README.md index 2c7de3013f05..258b7862e317 100644 --- a/bitnami/dremio/README.md +++ b/bitnami/dremio/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name dremio bitnami/dremio ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Dremio in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/drupal/10/README.md b/bitnami/drupal/10/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/drupal/10/README.md +++ b/bitnami/drupal/10/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/drupal/11/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/drupal/11/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/drupal/11/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/drupal/11/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/drupal/README.md b/bitnami/drupal/README.md index 775a2c29d889..9842e8056573 100644 --- a/bitnami/drupal/README.md +++ b/bitnami/drupal/README.md @@ -16,14 +16,25 @@ docker run --name drupal bitnami/drupal:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Drupal in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Drupal Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/drupal). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -240,7 +245,7 @@ docker run -d --name drupal \ When you start the Drupal image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/drupal/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/drupal/docker-compose.yml) file present in this repository: ```yaml drupal: @@ -250,7 +255,7 @@ drupal: ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console docker run -d --name drupal -p 80:8080 -p 443:8443 \ @@ -264,7 +269,7 @@ drupal: This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/drupal/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/drupal/docker-compose.yml) file present in this repository: ```yaml drupal: @@ -281,7 +286,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console docker run -d --name drupal -p 80:8080 -p 443:8443 \ @@ -410,10 +415,10 @@ The Bitnami Drupal Docker image is designed to be extended so it can be used as Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -425,9 +430,9 @@ FROM bitnami/drupal Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache ```Dockerfile FROM bitnami/drupal @@ -469,22 +474,22 @@ Based on the extended image, you can update the [`docker-compose.yml`](https://g ## 8.9.2-debian-10-r3 and 9.0.2-debian-10-r3 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* The Drupal container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: - * The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Drupal site by exporting its content, and importing it on a new Drupal container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The Drupal container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: + - The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Drupal site by exporting its content, and importing it on a new Drupal container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. ## 8.7.2-debian-9-r8 and 8.7.2-ol-7-r8 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ## 8.5.3-r1 -* The drupal container now uses drush to install and update the Drupal application. +- The drupal container now uses drush to install and update the Drupal application. ## Contributing @@ -494,11 +499,11 @@ We'd love for you to contribute to this container. You can request new features If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new). Be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/ejbca/8/README.md b/bitnami/ejbca/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ejbca/8/README.md +++ b/bitnami/ejbca/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ejbca/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ejbca/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/ejbca/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/ejbca/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/ejbca/README.md b/bitnami/ejbca/README.md index 1ae58685411a..3896d1406e2d 100644 --- a/bitnami/ejbca/README.md +++ b/bitnami/ejbca/README.md @@ -15,14 +15,25 @@ docker run --name ejbca bitnami/ejbca:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use EJBCA in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use EJBCA in production? Try [VMware Tanzu Application Catalog](https Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://docs.bitnami.com/containers/how-to/work-with-non-root-containers/). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/elasticsearch-exporter/README.md b/bitnami/elasticsearch-exporter/README.md index 64316fd6e585..d7f6898da4d7 100644 --- a/bitnami/elasticsearch-exporter/README.md +++ b/bitnami/elasticsearch-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name elasticsearch-exporter bitnami/elasticsearch-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Elasticsearch Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Elasticsearch Exporter in production? Try [VMware Tanzu Applicati Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -156,7 +161,7 @@ docker run --name elasticsearch-exporter bitnami/elasticsearch-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/elasticsearch/7/README.md b/bitnami/elasticsearch/7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/elasticsearch/7/README.md +++ b/bitnami/elasticsearch/7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/elasticsearch/8/README.md b/bitnami/elasticsearch/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/elasticsearch/8/README.md +++ b/bitnami/elasticsearch/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/elasticsearch/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/elasticsearch/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/elasticsearch/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/elasticsearch/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/elasticsearch/README.md b/bitnami/elasticsearch/README.md index a985c63d70c0..f921ad4cd062 100644 --- a/bitnami/elasticsearch/README.md +++ b/bitnami/elasticsearch/README.md @@ -15,14 +15,25 @@ docker run --name elasticsearch bitnami/elasticsearch:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Elasticsearch in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -269,7 +274,7 @@ docker-compose up -d When you start the elasticsearch image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For Docker Compose, add the variable name and value under the application section: +- For Docker Compose, add the variable name and value under the application section: ```yaml elasticsearch: @@ -279,7 +284,7 @@ elasticsearch: ... ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console $ docker run -d --name elasticsearch \ @@ -492,29 +497,29 @@ docker-compose up elasticsearch ### 7.12.0-debian-10-r0 -* Elasticsearch 7.12.0 version or later are licensed under the Elastic License that is not currently accepted as an Open Source license by the Open Source Initiative (OSI). -* Elasticsearch 7.12.0 version or later are including x-pack plugin installed by default. Follow the official documentation to use it. +- Elasticsearch 7.12.0 version or later are licensed under the Elastic License that is not currently accepted as an Open Source license by the Open Source Initiative (OSI). +- Elasticsearch 7.12.0 version or later are including x-pack plugin installed by default. Follow the official documentation to use it. ### 6.8.5-debian-9-r0, 6.8.5-ol-7-r1, 7.4.2-debian-9-r10, 7.4.2-ol-7-r27 -* Arbitrary user ID(s) when running the container with a non-privileged user is not supported (only `1001` UID is allowed). -* This is temporary solution while Elasticsearch maintainers address an issue with ownership/permissions when installing plugins. +- Arbitrary user ID(s) when running the container with a non-privileged user is not supported (only `1001` UID is allowed). +- This is temporary solution while Elasticsearch maintainers address an issue with ownership/permissions when installing plugins. ### 6.8.2-debian-9-r36, 6.8.2-ol-7-r36, 7.3.1-debian-9-r8, 7.3.1-ol-7-r13 -* Updated OpenJDK to version 11 +- Updated OpenJDK to version 11 ### 6.6.1-debian-9-r12, 6.6.1-ol-7-r13, 6.6.1-rhel-7-r13, 5.6.15-debian-9-r12 and 5.6.15-ol-7-r13 -* Deprecate the use of `elasticsearch_custom.yml` in favor of replacing the whole `elasticsearch.yml` file. +- Deprecate the use of `elasticsearch_custom.yml` in favor of replacing the whole `elasticsearch.yml` file. ### 6.4.0-debian-9-r19, 6.4.0-ol-7-r18, 5.6.4-debian-9-r54, and 5.6.4-ol-7-r60 -* Decrease the size of the container. It is not necessary Node.js anymore. Elasticsearch configuration moved to bash scripts in the `rootfs/` folder. -* The recommended mount point to persist data changes to `/bitnami/elasticsearch/data`. -* The Elasticsearch configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/elasticsearch/config`. -* Elasticsearch `plugins` and `modules` are not persisted anymore. It's necessary to indicate what plugins to install using the env. variable `ELASTICSEARCH_PLUGINS` -* Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: +- Decrease the size of the container. It is not necessary Node.js anymore. Elasticsearch configuration moved to bash scripts in the `rootfs/` folder. +- The recommended mount point to persist data changes to `/bitnami/elasticsearch/data`. +- The Elasticsearch configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/elasticsearch/config`. +- Elasticsearch `plugins` and `modules` are not persisted anymore. It's necessary to indicate what plugins to install using the env. variable `ELASTICSEARCH_PLUGINS` +- Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: ```console $ docker-compose down @@ -527,11 +532,11 @@ $ docker-compose up -d ### 6.2.3-r7 & 5.6.4-r18 -* The Elasticsearch container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Elasticsearch daemon was started as the `elasticsearch` user. From now on, both the container and the Elasticsearch daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Elasticsearch container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Elasticsearch daemon was started as the `elasticsearch` user. From now on, both the container and the Elasticsearch daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 6.2.3-r2 & 5.6.4-r6 -* Elasticsearch container can be configured as a dedicated node with 4 different types: *master*, *data*, *coordinating* or *ingest*. +- Elasticsearch container can be configured as a dedicated node with 4 different types: *master*, *data*, *coordinating* or *ingest*. Previously it was only achievable by using a custom `elasticsearch_custom.yml` file. From now on, you can use the environment variables `ELASTICSEARCH_IS_DEDICATED_NODE` & `ELASTICSEARCH_NODE_TYPE` to configure it. ## Using `docker-compose.yaml` @@ -548,11 +553,11 @@ We'd love for you to contribute to this Docker image. You can request new featur If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new/choose). For us to provide better support, be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/envoy-gateway/README.md b/bitnami/envoy-gateway/README.md index 0cacfdbb2844..94047fdb88f4 100644 --- a/bitnami/envoy-gateway/README.md +++ b/bitnami/envoy-gateway/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy-gateway bitnami/envoy-gateway:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Envoy Gateway in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only latest stable branch maintained in the free Bitnami catalog - -Starting December 10th 2024, only the latest stable branch of any container will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches, consider upgrading to Bitnami Premium. Previous versions already released will not be deleted. They are still available to pull from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/envoy-ratelimit/README.md b/bitnami/envoy-ratelimit/README.md index 5b3a53ce9e00..ac3870396c4e 100644 --- a/bitnami/envoy-ratelimit/README.md +++ b/bitnami/envoy-ratelimit/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy-ratelimit bitnami/envoy-ratelimit:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Envoy Rate Limit in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only latest stable branch maintained in the free Bitnami catalog - -Starting December 10th 2024, only the latest stable branch of any container will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches, consider upgrading to Bitnami Premium. Previous versions already released will not be deleted. They are still available to pull from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/envoy/1.31/README.md b/bitnami/envoy/1.31/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/envoy/1.31/README.md +++ b/bitnami/envoy/1.31/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/envoy/1.32/README.md b/bitnami/envoy/1.32/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/envoy/1.32/README.md +++ b/bitnami/envoy/1.32/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/envoy/1.33/README.md b/bitnami/envoy/1.33/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/envoy/1.33/README.md +++ b/bitnami/envoy/1.33/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/envoy/README.md b/bitnami/envoy/README.md index 16e417b45373..0f2c15411adf 100644 --- a/bitnami/envoy/README.md +++ b/bitnami/envoy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy bitnami/envoy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Envoy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/etcd/3.5/README.md b/bitnami/etcd/3.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/etcd/3.5/README.md +++ b/bitnami/etcd/3.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/etcd/3.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/etcd/3.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/etcd/3.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/etcd/3.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/etcd/README.md b/bitnami/etcd/README.md index f1d8500363d0..26a426adc67d 100644 --- a/bitnami/etcd/README.md +++ b/bitnami/etcd/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name etcd bitnami/etcd:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Etcd in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -235,23 +240,23 @@ Additionally, you can configure etcd using the upstream env variables [here](htt ### 3.5.17-debian-12-r4 -* Drop support for non-Helm cluster deployment. Upgrading of any kind including increasing replica count must also be done with `helm upgrade` exclusively. CD automation tools that respect Helm hooks such as ArgoCD can also be used. -* Remove `prestop.sh` script. Hence, container should no longer define lifecycle prestop hook. -* Add `preupgrade.sh` script which should be run as a pre-upgrade Helm hook. This replaces the prestop hook as a more reliable mechanism to remove stale members when replica count is decreased. -* Stop storing member ID in a local file which is unreliable. The container now check the member ID from the data dir instead. -* Stop storing/checking for member removal from a local file. The container now check with other members in the cluster instead. +- Drop support for non-Helm cluster deployment. Upgrading of any kind including increasing replica count must also be done with `helm upgrade` exclusively. CD automation tools that respect Helm hooks such as ArgoCD can also be used. +- Remove `prestop.sh` script. Hence, container should no longer define lifecycle prestop hook. +- Add `preupgrade.sh` script which should be run as a pre-upgrade Helm hook. This replaces the prestop hook as a more reliable mechanism to remove stale members when replica count is decreased. +- Stop storing member ID in a local file which is unreliable. The container now check the member ID from the data dir instead. +- Stop storing/checking for member removal from a local file. The container now check with other members in the cluster instead. ### 3.4.15-debian-10-r7 -* The container now contains the needed logic to deploy the Etcd container on Kubernetes using the [Bitnami Etcd Chart](https://github.com/bitnami/charts/tree/master/bitnami/etcd). +- The container now contains the needed logic to deploy the Etcd container on Kubernetes using the [Bitnami Etcd Chart](https://github.com/bitnami/charts/tree/master/bitnami/etcd). ### 3.4.13-debian-10-r7 -* Arbitrary user ID(s) are supported again, see for more information abut the changes in the upstream source code +- Arbitrary user ID(s) are supported again, see for more information abut the changes in the upstream source code ### 3.4.10-debian-10-r0 -* Arbitrary user ID(s) when running the container with a non-privileged user are not supported (only `1001` UID is allowed). +- Arbitrary user ID(s) when running the container with a non-privileged user are not supported (only `1001` UID is allowed). ## Further documentation diff --git a/bitnami/express/4/README.md b/bitnami/express/4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/express/4/README.md +++ b/bitnami/express/4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/express/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/express/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/express/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/express/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/express/README.md b/bitnami/express/README.md index 71a38f9c06cb..bd6056c89ec7 100644 --- a/bitnami/express/README.md +++ b/bitnami/express/README.md @@ -18,23 +18,28 @@ docker run --name express -v ${PWD}/my-project:/app bitnami/express:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [MongoDB® container](https://github.com/bitnami/containers/blob/main/bitnami/mongodb#readme) for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Express in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -123,19 +128,19 @@ docker-compose exec Following are a few examples of launching some commonly used Express development commands inside the `myapp` service container. -* Load the Node.js REPL: +- Load the Node.js REPL: ```console docker-compose exec myapp node ``` -* List installed NPM modules: +- List installed NPM modules: ```console docker-compose exec myapp npm ls ``` -* Install a NPM module: +- Install a NPM module: ```console docker-compose exec myapp npm install bootstrap --save @@ -180,11 +185,11 @@ We'd love for you to contribute to this container. You can request new features If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new). Be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/external-dns/README.md b/bitnami/external-dns/README.md index 0adf379b454b..4bc2d6402748 100644 --- a/bitnami/external-dns/README.md +++ b/bitnami/external-dns/README.md @@ -15,14 +15,25 @@ Deploy ExternalDNS on your [GKE cluster](https://github.com/kubernetes-incubator docker run --name external-dns bitnami/external-dns:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ExternalDNS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -56,7 +61,7 @@ For further documentation, please check [here](https://github.com/kubernetes-inc ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/flink/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/flink/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/flink/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/flink/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/flink/README.md b/bitnami/flink/README.md index 7d84b1ece473..f5cc5ac4b11a 100644 --- a/bitnami/flink/README.md +++ b/bitnami/flink/README.md @@ -14,23 +14,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name flink bitnami/flink:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Flink in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/fluent-bit/README.md b/bitnami/fluent-bit/README.md index 586fb8346bda..48ebc43cd7de 100644 --- a/bitnami/fluent-bit/README.md +++ b/bitnami/fluent-bit/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name fluent-bit bitnami/fluent-bit:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Fluent Bit in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Fluent Bit in production? Try [VMware Tanzu Application Catalog]( Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/fluentd/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/fluentd/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/fluentd/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/fluentd/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/fluentd/README.md b/bitnami/fluentd/README.md index 46a04f1489b6..e3db79629039 100644 --- a/bitnami/fluentd/README.md +++ b/bitnami/fluentd/README.md @@ -15,14 +15,25 @@ docker run --name fluentd bitnami/fluentd:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Fluentd in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Fluentd in production? Try [VMware Tanzu Application Catalog](htt Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,10 +107,10 @@ docker run -d -p 24224:24224 -p 24224:24224/udp -v /data:/opt/bitnami/fluentd/lo Default configurations are: -* configuration file at `/opt/bitnami/fluentd/conf/fluentd.conf` -* listen port `24224` for Fluentd forward protocol -* store logs with tag `docker.**` into `/opt/bitnami/fluentd/log/docker.*.log` -* store all other logs into `/opt/bitnami/fluentd/log/data.*.log` +- configuration file at `/opt/bitnami/fluentd/conf/fluentd.conf` +- listen port `24224` for Fluentd forward protocol +- store logs with tag `docker.**` into `/opt/bitnami/fluentd/log/docker.*.log` +- store all other logs into `/opt/bitnami/fluentd/log/data.*.log` You can overwrite the default configuration file by mounting your own configuration file on the directory `/opt/bitnami/fluentd/conf`: @@ -131,10 +136,10 @@ docker run --name fluentd -v /path/to/custom-scripts-directory:/docker-entrypoin Environment variable below are configurable to control how to execute fluentd process: -* `FLUENTD_CONF`: This variable allows you to specify configuration file name that will be used in -c Fluentd command line option. If you want to use your own configuration file (without any optional plugins), you can do it with this environment variable and Docker volumes (`-v` option of `docker run`). -* `FLUENTD_OPT`: Use this variable to specify other Fluentd command line options, like -v or -q. -* `FLUENTD_DAEMON_USER`: The user that will run the `fluentd` process when the container is run as root. -* `FLUENTD_DAEMON_GROUP`: The group of the user that will run the `fluentd` process when the container is run as root. +- `FLUENTD_CONF`: This variable allows you to specify configuration file name that will be used in -c Fluentd command line option. If you want to use your own configuration file (without any optional plugins), you can do it with this environment variable and Docker volumes (`-v` option of `docker run`). +- `FLUENTD_OPT`: Use this variable to specify other Fluentd command line options, like -v or -q. +- `FLUENTD_DAEMON_USER`: The user that will run the `fluentd` process when the container is run as root. +- `FLUENTD_DAEMON_GROUP`: The group of the user that will run the `fluentd` process when the container is run as root. ## Logging @@ -154,8 +159,8 @@ The Bitnami Fluentd Open Source Docker image is designed to be extended so it ca Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can modify the Fluentd command-line options setting the environment variable `FLUENTD_OPT`. -* [Replacing the default configuration file by mounting your own configuration file](#configuration). +- Settings that can be adapted using environment variables. For instance, you can modify the Fluentd command-line options setting the environment variable `FLUENTD_OPT`. +- [Replacing the default configuration file by mounting your own configuration file](#configuration). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -220,7 +225,7 @@ docker run --name fluentd bitnami/fluentd:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/fluentd). +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/fluentd). ## Contributing diff --git a/bitnami/fluxcd-helm-controller/README.md b/bitnami/fluxcd-helm-controller/README.md index 1b1d237ed115..91953851fafa 100644 --- a/bitnami/fluxcd-helm-controller/README.md +++ b/bitnami/fluxcd-helm-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-helm-controller bitnami/fluxcd-helm-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux Helm Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Flux Helm Controller documentation](https://github.com/fluxc ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/fluxcd-image-automation-controller/README.md b/bitnami/fluxcd-image-automation-controller/README.md index 17b790ec5bf7..02d748c67b33 100644 --- a/bitnami/fluxcd-image-automation-controller/README.md +++ b/bitnami/fluxcd-image-automation-controller/README.md @@ -14,23 +14,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-image-automation-controller bitnami/fluxcd-image-automation-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux Image Automation Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -103,7 +108,7 @@ Check the [official Flux Image Automation Controller documentation](https://gith ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/fluxcd-image-reflector-controller/README.md b/bitnami/fluxcd-image-reflector-controller/README.md index 8752b4088f84..d26c3c0f1fea 100644 --- a/bitnami/fluxcd-image-reflector-controller/README.md +++ b/bitnami/fluxcd-image-reflector-controller/README.md @@ -14,23 +14,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-image-reflector-controller bitnami/fluxcd-image-reflector-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux Image Reflector Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -103,7 +108,7 @@ Check the [official Flux Image Reflector Controller documentation](https://githu ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/fluxcd-kustomize-controller/README.md b/bitnami/fluxcd-kustomize-controller/README.md index 2ac62409d18d..c607567615a7 100644 --- a/bitnami/fluxcd-kustomize-controller/README.md +++ b/bitnami/fluxcd-kustomize-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-kustomize-controller bitnami/fluxcd-kustomize-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux Kustomize Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Flux Kustomize Controller documentation](https://github.com/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/fluxcd-notification-controller/README.md b/bitnami/fluxcd-notification-controller/README.md index 76f434a0773c..4456762313f8 100644 --- a/bitnami/fluxcd-notification-controller/README.md +++ b/bitnami/fluxcd-notification-controller/README.md @@ -14,23 +14,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-notification-controller bitnami/fluxcd-notification-controller ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux Notification Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -103,7 +108,7 @@ Check the [official Flux Notification Controller documentation](https://github.c ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/fluxcd-source-controller/README.md b/bitnami/fluxcd-source-controller/README.md index ae385b41a841..79cefcdce4b9 100644 --- a/bitnami/fluxcd-source-controller/README.md +++ b/bitnami/fluxcd-source-controller/README.md @@ -20,23 +20,28 @@ curl -sSL https://raw.githubusercontent.com/bitnami/containers/main/bitnami/flux docker-compose up -d ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Flux in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/ghost/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ghost/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/ghost/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/ghost/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/ghost/README.md b/bitnami/ghost/README.md index d78a4f5abc32..3364cdc9f10d 100644 --- a/bitnami/ghost/README.md +++ b/bitnami/ghost/README.md @@ -16,14 +16,25 @@ docker run --name ghost bitnami/ghost:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Ghost in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -35,12 +46,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -246,7 +251,7 @@ docker run -d --name ghost \ When you start the Ghost image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: ```yaml ghost: @@ -256,7 +261,7 @@ When you start the Ghost image, you can adjust the configuration of the instance ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name ghost -p 80:8080 -p 443:8443 \ @@ -272,7 +277,7 @@ When you start the Ghost image, you can adjust the configuration of the instance This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: ```yaml ghost: @@ -289,7 +294,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name ghost -p 80:8080 -p 443:8443 \ @@ -309,7 +314,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami Ghost container supports connecting the Ghost application to an external database. This would be an example of using an external database for Ghost. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/ghost/docker-compose.yml) file present in this repository: ```diff ghost: @@ -325,7 +330,7 @@ The Bitnami Ghost container supports connecting the Ghost application to an exte ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name ghost\ @@ -513,13 +518,13 @@ Finally, build the container and set the required environment variables to confi ### 3.42.5-debian-10-r67 and 4.8.4-debian-10-r7 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* It is now possible to import existing Ghost databases from other installations. In order to do this, use the environment variable `GHOST_SKIP_BOOTSTRAP`, which forces the container not to run the initial Ghost setup wizard. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- It is now possible to import existing Ghost databases from other installations. In order to do this, use the environment variable `GHOST_SKIP_BOOTSTRAP`, which forces the container not to run the initial Ghost setup wizard. ### 0.11.10-r2 -* The ghost container has been migrated to a non-root container approach. Previously the container run as `root` user and the ghost daemon was started as `ghost` user. From now own, both the container and the ghost daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the ghost process. +- The ghost container has been migrated to a non-root container approach. Previously the container run as `root` user and the ghost daemon was started as `ghost` user. From now own, both the container and the ghost daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the ghost process. ## Contributing diff --git a/bitnami/git/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/git/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/git/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/git/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/git/README.md b/bitnami/git/README.md index 12fe2fa5c601..8106d2608150 100644 --- a/bitnami/git/README.md +++ b/bitnami/git/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name git bitnami/git:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Git in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,12 +79,12 @@ docker run --name git bitnami/git:latest git --version ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 2.31.0-debian-10-r2 -* The `ENTRYPOINT` of the container has been modified to load a proper NSS environment that enables git ssh connections when running the container as non-root. -* The `CMD` is also changed to enter the Bash shell. +- The `ENTRYPOINT` of the container has been modified to load a proper NSS environment that enables git ssh connections when running the container as non-root. +- The `CMD` is also changed to enter the Bash shell. If you were using the container without replacing the entrypoint, make sure you specify the `git` command now: diff --git a/bitnami/gitea/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitea/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/gitea/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/gitea/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/gitea/README.md b/bitnami/gitea/README.md index bf28e7c26a2e..75a0f0c92133 100644 --- a/bitnami/gitea/README.md +++ b/bitnami/gitea/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name gitea bitnami/gitea:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Gitea in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Gitea in production? Try [VMware Tanzu Application Catalog](https Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Gitea Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/gitea). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -202,7 +207,7 @@ Gitea can be configured via environment variables or using a configuration file | `GITEA_SMTP_ENABLED` | Enable to use a mail service. | `false` | | `GITEA_SMTP_HOST` | SMTP mail host address (example: smtp.gitea.io). | `nil` | | `GITEA_SMTP_PORT` | SMTP mail port (example: 587). | `nil` | -| `GITEA_SMTP_FROM` | Mail from address, RFC 5322. This can be just an email address, or the "Name" email@example.com format. | `nil` | +| `GITEA_SMTP_FROM` | Mail from address, RFC 5322. This can be just an email address, or the "Name" format. | `nil` | | `GITEA_SMTP_USER` | Username of mailing user (usually the senders e-mail address). | `nil` | | `GITEA_SMTP_PASSWORD` | Password of mailing user. Use "your password" for quoting if you use special characters in the password. | `nil` | | `GITEA_OAUTH2_CLIENT_AUTO_REGISTRATION_ENABLED` | Password of mailing user. Use "your password" for quoting if you use special characters in the password. | `false` | diff --git a/bitnami/gitlab-runner-helper/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitlab-runner-helper/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/gitlab-runner-helper/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/gitlab-runner-helper/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/gitlab-runner-helper/README.md b/bitnami/gitlab-runner-helper/README.md index 048f5f327238..03656e25a017 100644 --- a/bitnami/gitlab-runner-helper/README.md +++ b/bitnami/gitlab-runner-helper/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gitlab-runner-helper bitnami/gitlab-runner-helper ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Gitlab Runner Helper in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -104,7 +109,7 @@ Check the [official Gitlab Runner Helper documentation](https://docs.gitlab.com/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/gitlab-runner/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitlab-runner/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/gitlab-runner/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/gitlab-runner/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/gitlab-runner/README.md b/bitnami/gitlab-runner/README.md index b2889d88cda7..6e43933e2397 100644 --- a/bitnami/gitlab-runner/README.md +++ b/bitnami/gitlab-runner/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gitlab-runner bitnami/gitlab-runner ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Gitlab Runner in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Gitlab Runner documentation](https://docs.gitlab.com/runner/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/golang/1.23/README.md b/bitnami/golang/1.23/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/golang/1.23/README.md +++ b/bitnami/golang/1.23/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/golang/README.md b/bitnami/golang/README.md index b359354becb5..fc631d74ee0f 100644 --- a/bitnami/golang/README.md +++ b/bitnami/golang/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name golang bitnami/golang:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Golang in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/google-cloud-sdk/README.md b/bitnami/google-cloud-sdk/README.md index 703f2b630554..d1bcdc3417cf 100644 --- a/bitnami/google-cloud-sdk/README.md +++ b/bitnami/google-cloud-sdk/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name google-cloud-sdk bitnami/google-cloud-sdk:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Google Cloud SDK in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -84,7 +89,7 @@ docker run --rm --name google-cloud-sdk -v /path/to/your/gcloud/config:/.config/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/gotrue/README.md b/bitnami/gotrue/README.md index 2ba2d09073db..b03bd1bff198 100644 --- a/bitnami/gotrue/README.md +++ b/bitnami/gotrue/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gotrue bitnami/gotrue ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use GoTrue in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -153,7 +158,7 @@ Check the [official GoTrue documentation](https://github.com/netlify/gotrue) for ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/gradle/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gradle/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/gradle/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/gradle/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/gradle/README.md b/bitnami/gradle/README.md index 13a11be164ff..ef5de4c08ba6 100644 --- a/bitnami/gradle/README.md +++ b/bitnami/gradle/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gradle bitnami/gradle:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Gradle in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -73,8 +78,8 @@ docker run --name gradle -v /path/to/app:/app bitnami/gradle \ **Further Reading:** -* [gradle documentation](https://docs.gradle.org/) -* [gradle command-line interface](https://docs.gradle.org/current/userguide/command_line_interface.html) +- [gradle documentation](https://docs.gradle.org/) +- [gradle command-line interface](https://docs.gradle.org/current/userguide/command_line_interface.html) ## Maintenance @@ -106,7 +111,7 @@ docker run --name gradle bitnami/gradle:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-alloy/README.md b/bitnami/grafana-alloy/README.md index 1fdf3ed89e7b..b36ecb87ae7e 100644 --- a/bitnami/grafana-alloy/README.md +++ b/bitnami/grafana-alloy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-alloy bitnami/grafana-alloy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Alloy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name grafana-alloy bitnami/grafana-alloy:latest -- --help ``` -Check the [official Grafana Alloy documentation](https://grafana.com/oss/alloy-opentelemetry-collector/ for more information. +Check the [official Grafana Alloy documentation]( for more information. ## Contributing diff --git a/bitnami/grafana-image-renderer/README.md b/bitnami/grafana-image-renderer/README.md index 6d69069d2eed..64666a919e21 100644 --- a/bitnami/grafana-image-renderer/README.md +++ b/bitnami/grafana-image-renderer/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-image-renderer bitnami/grafana-image-renderer:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Image Renderer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -218,7 +223,7 @@ docker run --name grafana-image-renderer bitnami/grafana-image-renderer:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-k6-operator/README.md b/bitnami/grafana-k6-operator/README.md index 735c94925bb8..d522384c5e67 100644 --- a/bitnami/grafana-k6-operator/README.md +++ b/bitnami/grafana-k6-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-k6-operator bitnami/grafana-k6-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana k6 Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name grafana-k6-operator bitnami/grafana-k6-operator:latest -- --help ``` -Check the [official Grafana k6 Operator documentation](https://k6.io/ for more information. +Check the [official Grafana k6 Operator documentation]( for more information. ## Contributing diff --git a/bitnami/grafana-k6/README.md b/bitnami/grafana-k6/README.md index d48fb136ca76..0a44908752e0 100644 --- a/bitnami/grafana-k6/README.md +++ b/bitnami/grafana-k6/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-k6 bitnami/grafana-k6:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana k6 in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name grafana-k6 bitnami/grafana-k6:latest -- --help ``` -Check the [official Grafana k6 documentation](https://k6.io/ for more information. +Check the [official Grafana k6 documentation]( for more information. ## Contributing diff --git a/bitnami/grafana-loki/README.md b/bitnami/grafana-loki/README.md index 71b782ad247f..fcc2d52baff2 100644 --- a/bitnami/grafana-loki/README.md +++ b/bitnami/grafana-loki/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-loki bitnami/grafana-loki:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Loki in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -86,7 +91,7 @@ Check the [official Grafana Loki documentation](https://grafana.com/docs/loki/la ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-mimir/README.md b/bitnami/grafana-mimir/README.md index 71fa86153e9e..6a03b13f9e04 100644 --- a/bitnami/grafana-mimir/README.md +++ b/bitnami/grafana-mimir/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-mimir bitnami/grafana-mimir:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Mimir in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -86,7 +91,7 @@ Check the [official Grafana Mimir documentation](https://grafana.com/docs/mimir/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-operator/README.md b/bitnami/grafana-operator/README.md index 193ca7f94dfc..b88272bcfa4a 100644 --- a/bitnami/grafana-operator/README.md +++ b/bitnami/grafana-operator/README.md @@ -11,14 +11,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [Grafana Operator](https://github.com/integr8ly/grafana-operator/tree/master/documentation) on your Kubernetes cluster. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Grafana Operator Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/grafana-operator). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ docker build -t bitnami/APP:latest . ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Configuration diff --git a/bitnami/grafana-pyroscope/README.md b/bitnami/grafana-pyroscope/README.md index 4a3b118da976..7e72f8ece5f4 100644 --- a/bitnami/grafana-pyroscope/README.md +++ b/bitnami/grafana-pyroscope/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-pyroscope bitnami/grafana-pyroscope:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Pyroscope in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/grafana-tempo-query/README.md b/bitnami/grafana-tempo-query/README.md index 5cd1f4fcdfd5..f0e866f4d5ea 100644 --- a/bitnami/grafana-tempo-query/README.md +++ b/bitnami/grafana-tempo-query/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo-query bitnami/grafana-tempo-query:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Tempo Query in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -86,7 +91,7 @@ Check the [official Grafana Tempo Query documentation](https://grafana.com/docs/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-tempo-vulture/README.md b/bitnami/grafana-tempo-vulture/README.md index 1e75d1598e73..ae9075a6d7f5 100644 --- a/bitnami/grafana-tempo-vulture/README.md +++ b/bitnami/grafana-tempo-vulture/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo-vulture bitnami/grafana-tempo-vulture:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Tempo Vulture in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official Grafana Tempo documentation](https://grafana.com/docs/tempo/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/grafana-tempo/README.md b/bitnami/grafana-tempo/README.md index d24525718d33..62792ead7d64 100644 --- a/bitnami/grafana-tempo/README.md +++ b/bitnami/grafana-tempo/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo bitnami/grafana-tempo:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana Tempo in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/grafana/11/README.md b/bitnami/grafana/11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/grafana/11/README.md +++ b/bitnami/grafana/11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/grafana/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/grafana/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/grafana/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/grafana/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/grafana/README.md b/bitnami/grafana/README.md index 202f3582c1dd..46f352bc0ba3 100644 --- a/bitnami/grafana/README.md +++ b/bitnami/grafana/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana bitnami/grafana:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Grafana in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -180,9 +185,9 @@ docker build -t your-custom-grafana . When you start the Grafana image, you can specify a comma, semi-colon or space separated list of plugins to install by setting the env. variable `GF_INSTALL_PLUGINS`. The entries in `GF_INSTALL_PLUGINS` have three different formats: -* `plugin_id`: This will download the latest plugin version with name `plugin_id` from [the official Grafana plugins page](https://grafana.com/grafana/plugins). -* `plugin_id:plugin_version`: This will download the plugin with name `plugin_id` and version `plugin_version` from [the official Grafana plugins page](https://grafana.com/grafana/plugins). -* `plugin_id=url`: This will download the plugin with name `plugin_id` using the zip file specified in `url`. In case you want to skip TLS verification, set the variable `GF_INSTALL_PLUGINS_SKIP_TLS` to `yes`. +- `plugin_id`: This will download the latest plugin version with name `plugin_id` from [the official Grafana plugins page](https://grafana.com/grafana/plugins). +- `plugin_id:plugin_version`: This will download the plugin with name `plugin_id` and version `plugin_version` from [the official Grafana plugins page](https://grafana.com/grafana/plugins). +- `plugin_id=url`: This will download the plugin with name `plugin_id` using the zip file specified in `url`. In case you want to skip TLS verification, set the variable `GF_INSTALL_PLUGINS_SKIP_TLS` to `yes`. For Docker Compose, add the variable name and value under the application section: @@ -288,19 +293,19 @@ docker run --name grafana bitnami/grafana:latest The number of plugins included in the image by default has been decreased. This decision is supported by the following reasons: -* Bitnami commitment to offer images as less opinionated as possible: only very popular and well-maintained plugins should be included. -* Reducing the image size. -* Security concerns: by reducing the number of plugins, we also reduce the chances to include libraries affected by known vulnerabilities. +- Bitnami commitment to offer images as less opinionated as possible: only very popular and well-maintained plugins should be included. +- Reducing the image size. +- Security concerns: by reducing the number of plugins, we also reduce the chances to include libraries affected by known vulnerabilities. You can still build your custom image adding your custom plugins or install them during the installization as explained in the Grafana Plugins section. ### 6.7.3-debian-10-r28 -* The `GF_INSTALL_PLUGINS` environment variable is not set by default anymore. This means it doesn't try to install the [`grafana-image-renderer` plugin](https://github.com/grafana/grafana-image-renderer) anymore unless you specify it. As an alternative to install this plugin, you can use the [Grafana Image Renderer container](https://github.com/bitnami/containers/blob/main/bitnami/grafana-image-renderer). +- The `GF_INSTALL_PLUGINS` environment variable is not set by default anymore. This means it doesn't try to install the [`grafana-image-renderer` plugin](https://github.com/grafana/grafana-image-renderer) anymore unless you specify it. As an alternative to install this plugin, you can use the [Grafana Image Renderer container](https://github.com/bitnami/containers/blob/main/bitnami/grafana-image-renderer). ### 6.7.2-debian-10-r18 -* Grafana doesn't ship the [`grafana-image-renderer` plugin](https://github.com/grafana/grafana-image-renderer/) by default anymore since it's not compatible with K8s distros with IPv6 disable. Instead, the `GF_INSTALL_PLUGINS` environment variable is set by default including this plugin so it's installed during the container's initialization, users can easily avoid it by overwriting the environment variable. +- Grafana doesn't ship the [`grafana-image-renderer` plugin](https://github.com/grafana/grafana-image-renderer/) by default anymore since it's not compatible with K8s distros with IPv6 disable. Instead, the `GF_INSTALL_PLUGINS` environment variable is set by default including this plugin so it's installed during the container's initialization, users can easily avoid it by overwriting the environment variable. ## Using `docker-compose.yaml` diff --git a/bitnami/haproxy/2/README.md b/bitnami/haproxy/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/haproxy/2/README.md +++ b/bitnami/haproxy/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/haproxy/README.md b/bitnami/haproxy/README.md index 6bbba1bfdcbe..2aec58c9c079 100644 --- a/bitnami/haproxy/README.md +++ b/bitnami/haproxy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name haproxy bitnami/haproxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use HAProxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/harbor-adapter-trivy/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-adapter-trivy/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-adapter-trivy/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-adapter-trivy/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-adapter-trivy/README.md b/bitnami/harbor-adapter-trivy/README.md index 3fefc9b8d337..3e2eae5b832d 100644 --- a/bitnami/harbor-adapter-trivy/README.md +++ b/bitnami/harbor-adapter-trivy/README.md @@ -15,14 +15,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-adapter-trivy bitnami/harbor-adapter-trivy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor Adapter Trivy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Harbor Adapter Trivy in production? Try [VMware Tanzu Application Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -176,7 +181,7 @@ docker run --name harbor-adapter-trivy bitnami/harbor-adapter-trivy:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/harbor-core/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-core/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-core/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-core/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-core/README.md b/bitnami/harbor-core/README.md index 6587e5d833ae..c60233ebae4f 100644 --- a/bitnami/harbor-core/README.md +++ b/bitnami/harbor-core/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-core bitnami/harbor-core:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor Core in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ For further information about the specific component itself, please refer to the ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/harbor-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-exporter/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-exporter/README.md b/bitnami/harbor-exporter/README.md index e0cd42f60395..cc5374440113 100644 --- a/bitnami/harbor-exporter/README.md +++ b/bitnami/harbor-exporter/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-exporter bitnami/harbor-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use harbor-exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -51,7 +56,7 @@ Subscribe to project updates by watching the [bitnami/containers GitHub repo](ht harbor-exporter is a component of the Harbor application. In order to get the Harbor application running on Kubernetes we encourage you to check the [bitnami/harbor Helm chart](https://github.com/bitnami/charts/tree/master/bitnami/harbor) and configure it using the options exposed in the values.yaml file. -For further information about the specific component itself, please refer to the [source repository documentation](https://github.com/goharbor/harbor/tree/main/docs +For further information about the specific component itself, please refer to the [source repository documentation]( ### Environment variables @@ -86,7 +91,7 @@ For further information about the specific component itself, please refer to the ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/harbor-jobservice/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-jobservice/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-jobservice/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-jobservice/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-jobservice/README.md b/bitnami/harbor-jobservice/README.md index 787124422671..5502bf156ee7 100644 --- a/bitnami/harbor-jobservice/README.md +++ b/bitnami/harbor-jobservice/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-jobservice bitnami/harbor-jobservice:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor Job Service in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -69,7 +74,7 @@ For further information about the specific component itself, please refer to the ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/harbor-portal/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-portal/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-portal/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-portal/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-portal/README.md b/bitnami/harbor-portal/README.md index 1d31af14441c..cb1103b9eec4 100644 --- a/bitnami/harbor-portal/README.md +++ b/bitnami/harbor-portal/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor bitnami/harbor-portal:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/harbor-registry/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-registry/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-registry/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-registry/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-registry/README.md b/bitnami/harbor-registry/README.md index 126506718170..5770db3953b0 100644 --- a/bitnami/harbor-registry/README.md +++ b/bitnami/harbor-registry/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-registry bitnami/harbor-registry:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor Registry in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ For further information about the specific component itself, please refer to the ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/harbor-registryctl/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-registryctl/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/harbor-registryctl/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/harbor-registryctl/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/harbor-registryctl/README.md b/bitnami/harbor-registryctl/README.md index 4b2624bb087f..b44913de601d 100644 --- a/bitnami/harbor-registryctl/README.md +++ b/bitnami/harbor-registryctl/README.md @@ -14,14 +14,25 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-registryctl bitnami/harbor-registryctl:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Harbor Registryctl in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ For further information about the specific component itself, please refer to the ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/hubble-relay/README.md b/bitnami/hubble-relay/README.md index 27223c823868..e2a3f0b44468 100644 --- a/bitnami/hubble-relay/README.md +++ b/bitnami/hubble-relay/README.md @@ -15,14 +15,25 @@ This container is part of the [Cilium chart](https://github.com/bitnami/charts/t docker run --name hubble-relay bitnami/hubble-relay:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hubble Relay in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hubble-ui-backend/README.md b/bitnami/hubble-ui-backend/README.md index 7d6f9dd930a1..0b52ef28b74e 100644 --- a/bitnami/hubble-ui-backend/README.md +++ b/bitnami/hubble-ui-backend/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hubble-ui-backend bitnami/hubble-ui-backend:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hubble UI Backend in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Hubble UI Backend in production? Try [VMware Tanzu Application Ca Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/hubble-ui/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/hubble-ui/README.md b/bitnami/hubble-ui/README.md index d93205e6cc8c..80fe24bb0425 100644 --- a/bitnami/hubble-ui/README.md +++ b/bitnami/hubble-ui/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hubble-ui bitnami/hubble-ui:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hubble UI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Hubble UI in production? Try [VMware Tanzu Application Catalog](h Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hyperledger-fabric-ca/README.md b/bitnami/hyperledger-fabric-ca/README.md index fcc62d6ec399..6dcc36ffc7e5 100644 --- a/bitnami/hyperledger-fabric-ca/README.md +++ b/bitnami/hyperledger-fabric-ca/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-ca bitnami/hyperledger-fabric-ca:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hyperledger Fabric CA in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hyperledger-fabric-orderer/2/README.md b/bitnami/hyperledger-fabric-orderer/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/hyperledger-fabric-orderer/2/README.md +++ b/bitnami/hyperledger-fabric-orderer/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/hyperledger-fabric-orderer/README.md b/bitnami/hyperledger-fabric-orderer/README.md index 32680129f2fe..37687d6a6aa3 100644 --- a/bitnami/hyperledger-fabric-orderer/README.md +++ b/bitnami/hyperledger-fabric-orderer/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-orderer bitnami/hyperledger-fabric-orderer:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hyperledger Fabric Orderer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hyperledger-fabric-peer/2/README.md b/bitnami/hyperledger-fabric-peer/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/hyperledger-fabric-peer/2/README.md +++ b/bitnami/hyperledger-fabric-peer/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/hyperledger-fabric-peer/README.md b/bitnami/hyperledger-fabric-peer/README.md index 65d98070b608..9abc674a7e2c 100644 --- a/bitnami/hyperledger-fabric-peer/README.md +++ b/bitnami/hyperledger-fabric-peer/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-peer bitnami/hyperledger-fabric-peer:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hyperledger Fabric Peer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/hyperledger-fabric-tools/2/README.md b/bitnami/hyperledger-fabric-tools/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/hyperledger-fabric-tools/2/README.md +++ b/bitnami/hyperledger-fabric-tools/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/hyperledger-fabric-tools/README.md b/bitnami/hyperledger-fabric-tools/README.md index 821566cb147b..cd0750202deb 100644 --- a/bitnami/hyperledger-fabric-tools/README.md +++ b/bitnami/hyperledger-fabric-tools/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-tools bitnami/hyperledger-fabric-tools:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Hyperledger Fabric Tools in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/influxdb/2/README.md b/bitnami/influxdb/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/influxdb/2/README.md +++ b/bitnami/influxdb/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/influxdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/influxdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/influxdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/influxdb/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/influxdb/README.md b/bitnami/influxdb/README.md index 0a3006783ee5..b48dabcda8e9 100644 --- a/bitnami/influxdb/README.md +++ b/bitnami/influxdb/README.md @@ -13,14 +13,25 @@ InfluxDB(TM) is a trademark owned by InfluxData, which is not affiliated with, a docker run --name influxdb bitnami/influxdb:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use InfluxDB™ Core in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use InfluxDB™ Core in production? Try [VMware Tanzu Application Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami InfluxDB™ Core Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/influxdb). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/jaeger/1/README.md b/bitnami/jaeger/1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/jaeger/1/README.md +++ b/bitnami/jaeger/1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/jaeger/README.md b/bitnami/jaeger/README.md index caf9614cceb1..8e2e4ae4dd06 100644 --- a/bitnami/jaeger/README.md +++ b/bitnami/jaeger/README.md @@ -12,23 +12,28 @@ docker run --name jaeger bitnami/jaeger:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use jaeger in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/janusgraph/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/janusgraph/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/janusgraph/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/janusgraph/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/janusgraph/README.md b/bitnami/janusgraph/README.md index cb507967219e..9407b92a23c6 100644 --- a/bitnami/janusgraph/README.md +++ b/bitnami/janusgraph/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name janusgraph bitnami/janusgraph:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Docker Content Trust (DCT)](https://docs.docker.com/engine/security/trust/content_trust/). You can use `DOCKER_CONTENT_TRUST=1` to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Docker Content Trust (DCT)](https://docs.docker.com/engine/security/trust/content_trust/). You can use `DOCKER_CONTENT_TRUST=1` to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use JanusGraph in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/java/1.8/README.md b/bitnami/java/1.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/java/1.8/README.md +++ b/bitnami/java/1.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/java/11/README.md b/bitnami/java/11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/java/11/README.md +++ b/bitnami/java/11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/java/17/README.md b/bitnami/java/17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/java/17/README.md +++ b/bitnami/java/17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/java/21/README.md b/bitnami/java/21/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/java/21/README.md +++ b/bitnami/java/21/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/java/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/java/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/java/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/java/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/java/README.md b/bitnami/java/README.md index ba18275d53f2..c8a29a46eec7 100644 --- a/bitnami/java/README.md +++ b/bitnami/java/README.md @@ -19,23 +19,28 @@ docker run -it --name java bitnami/java docker run --name java bitnami/java:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Java in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -52,9 +57,9 @@ The `prod` tags has been removed; from now on just the regular container images The formatting convention for `prod` tags has been changed: -* `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` -* `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` -* `latest-prod` is now deprecated +- `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` +- `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` +- `latest-prod` is now deprecated ## Get this image @@ -101,20 +106,20 @@ java: **Further Reading:** -* [Java SE Documentation](https://docs.oracle.com/javase/8/docs/api/) +- [Java SE Documentation](https://docs.oracle.com/javase/8/docs/api/) ## Replace the default truststore using a custom base image In case you are replacing the default [minideb](https://github.com/bitnami/minideb) base image with a custom base image (based on Debian), it is possible to replace the default truststore located in the `/opt/bitnami/java/lib/security` folder. This is done by setting the `JAVA_EXTRA_SECURITY_DIR` docker build ARG variable, which needs to point to a location that contains a *cacerts* file that would substitute the originally bundled truststore. In the following example we will use a minideb fork that contains a custom *cacerts* file in the */bitnami/java/extra-security* folder: -* In the Dockerfile, replace `FROM docker.io/bitnami/minideb:latest` to use a custom image, defined with the `MYJAVAFORK:TAG` placeholder: +- In the Dockerfile, replace `FROM docker.io/bitnami/minideb:latest` to use a custom image, defined with the `MYJAVAFORK:TAG` placeholder: ```diff - FROM bitnami/minideb:latest + FROM MYFORK:TAG ``` -* Run `docker build` setting the value of `JAVA_EXTRA_SECURITY_DIR`. Remember to replace the `MYJAVAFORK:TAG` placeholder. +- Run `docker build` setting the value of `JAVA_EXTRA_SECURITY_DIR`. Remember to replace the `MYJAVAFORK:TAG` placeholder. ```console docker build --build-arg JAVA_EXTRA_SECURITY_DIR=/bitnami/java/extra-security -t MYJAVAFORK:TAG . @@ -164,7 +169,7 @@ docker-compose up java ### 1.8.252-debian-10-r0, 11.0.7-debian-10-r7, and 15.0.1-debian-10-r20 -* Java distribution has been migrated from AdoptOpenJDK to OpenJDK Liberica. As part of VMware, we have an agreement with Bell Software to distribute the Liberica distribution of OpenJDK. That way, we can provide support & the latest versions and security releases for Java. +- Java distribution has been migrated from AdoptOpenJDK to OpenJDK Liberica. As part of VMware, we have an agreement with Bell Software to distribute the Liberica distribution of OpenJDK. That way, we can provide support & the latest versions and security releases for Java. ## Using `docker-compose.yaml` diff --git a/bitnami/jax/README.md b/bitnami/jax/README.md index d19dea156a19..5aa6e1d3c5f7 100644 --- a/bitnami/jax/README.md +++ b/bitnami/jax/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name jax bitnami/jax ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use JAX in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use JAX in production? Try [VMware Tanzu Application Catalog](https:/ Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker run -it --name jax -v /path/to/app:/app bitnami/jax \ **Further Reading:** -* [jax documentation](https://jax.readthedocs.iodocs/) +- [jax documentation](https://jax.readthedocs.iodocs/) ## Maintenance @@ -126,7 +131,7 @@ docker run --name jax bitnami/jax:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/jenkins-agent/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/jenkins-agent/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/jenkins-agent/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/jenkins-agent/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/jenkins-agent/README.md b/bitnami/jenkins-agent/README.md index 31153e220d80..9007d27b3e5a 100644 --- a/bitnami/jenkins-agent/README.md +++ b/bitnami/jenkins-agent/README.md @@ -15,14 +15,25 @@ docker run --name jenkins-agent --env JENKINS_URL=http://jenkins:port bitnami/je You can find all the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Jenkins Agent in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Jenkins Agent in production? Try [VMware Tanzu Application Catalo Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -101,7 +106,7 @@ docker build -t bitnami/APP:latest . When you start the Jenkins Agent image, you can adjust the configuration of the instance by passing one or more environment variables either on the `docker run` command line. If you want to add a new environment variable: -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name jenkins-agent \ @@ -139,7 +144,7 @@ FROM bitnami/jenkins-agent ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/jenkins/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/jenkins/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/jenkins/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/jenkins/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/jenkins/README.md b/bitnami/jenkins/README.md index e8fa33d8368e..c474c6e121bf 100644 --- a/bitnami/jenkins/README.md +++ b/bitnami/jenkins/README.md @@ -15,14 +15,25 @@ docker run --name jenkins bitnami/jenkins:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Jenkins in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -206,7 +211,7 @@ If you detect any issue in the `docker-compose.yaml` file, feel free to report i When you start the Jenkins image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/jenkins/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/jenkins/docker-compose.yml) file present in this repository: ```yaml jenkins: @@ -216,7 +221,7 @@ When you start the Jenkins image, you can adjust the configuration of the instan ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d -p 80:8080 --name jenkins \ @@ -250,8 +255,8 @@ To backup your data, configuration and logs, follow these simple steps: #### Step 1: Stop the currently running container -* For docker-compose: `$ docker-compose stop jenkins` -* For manual execution: `$ docker stop jenkins` +- For docker-compose: `$ docker-compose stop jenkins` +- For manual execution: `$ docker stop jenkins` #### Step 2: Run the backup command @@ -286,8 +291,8 @@ docker pull bitnami/jenkins:latest ### Step 2. Stop your container -* For docker-compose: `$ docker-compose stop jenkins` -* For manual execution: `$ docker stop jenkins` +- For docker-compose: `$ docker-compose stop jenkins` +- For manual execution: `$ docker stop jenkins` ### Step 3. Take a snapshot of the application state @@ -295,13 +300,13 @@ Follow the steps in [Backing up your container](#backing-up-your-container) to t ### Step 4. Remove the stopped container -* For docker-compose: `$ docker-compose rm -v jenkins` -* For manual execution: `$ docker rm -v jenkins` +- For docker-compose: `$ docker-compose rm -v jenkins` +- For manual execution: `$ docker rm -v jenkins` ### Step 5. Run the new image -* For docker-compose: `$ docker-compose up jenkins` -* For manual execution (mount the directories if needed): `docker run --name jenkins bitnami/jenkins:latest` +- For docker-compose: `$ docker-compose up jenkins` +- For manual execution (mount the directories if needed): `docker run --name jenkins bitnami/jenkins:latest` ## Customize this image @@ -319,7 +324,7 @@ FROM bitnami/jenkins Here is an example of extending the image with the following modifications: -* Install the `vim` editor +- Install the `vim` editor ```Dockerfile FROM bitnami/jenkins @@ -336,15 +341,15 @@ USER 1001 To download and install a set of plugins and their dependencies, use the [Plugin Installation Manager tool](https://github.com/jenkinsci/plugin-installation-manager-tool). You can find information about how to use this tool in the guide below: -* [Getting Started with Plugin Installation Manager tool](https://github.com/jenkinsci/plugin-installation-manager-tool#getting-started) +- [Getting Started with Plugin Installation Manager tool](https://github.com/jenkinsci/plugin-installation-manager-tool#getting-started) Alternatively, it is possible to install plugins using the following env variables: -* `JENKINS_PLUGINS`: Comma-separated list of Jenkins plugins to be installed during the first boot. -* `JENKINS_PLUGINS_LATEST`: If set to false, install the minimum required version of the plugins in `JENKINS_PLUGINS`. Default: **true** -* `JENKINS_PLUGINS_LATEST_SPECIFIED`: If set to true, install the latest dependencies of any plugin that is requested to have the latest version. Default: **false** -* `JENKINS_OVERRIDE_PLUGINS`: If set to true, existing plugins in the persisted volume will be removed and will force plugins to be reinstalled. Default: **false** -* `JENKINS_SKIP_IMAGE_PLUGINS`: If set to true, skip the installation of image built-in plugins. Default: **false** +- `JENKINS_PLUGINS`: Comma-separated list of Jenkins plugins to be installed during the first boot. +- `JENKINS_PLUGINS_LATEST`: If set to false, install the minimum required version of the plugins in `JENKINS_PLUGINS`. Default: **true** +- `JENKINS_PLUGINS_LATEST_SPECIFIED`: If set to true, install the latest dependencies of any plugin that is requested to have the latest version. Default: **false** +- `JENKINS_OVERRIDE_PLUGINS`: If set to true, existing plugins in the persisted volume will be removed and will force plugins to be reinstalled. Default: **false** +- `JENKINS_SKIP_IMAGE_PLUGINS`: If set to true, skip the installation of image built-in plugins. Default: **false** ### Passing JVM parameters @@ -370,8 +375,8 @@ docker run -d --name jenkins -p 8080:8080 \ By default, when running this image, Bitnami implement some logic in order to configure it for working out of the box. This initialization consists of creating the user and password, preparing data to persist, configuring permissions, creating the `JENKINS_HOME`, etc. You can skip it in two ways: -* Setting the `JENKINS_SKIP_BOOTSTRAP` environment variable to `yes`. -* Attaching a volume with a custom `JENKINS_HOME` that contains a functional Jenkins installation. +- Setting the `JENKINS_SKIP_BOOTSTRAP` environment variable to `yes`. +- Attaching a volume with a custom `JENKINS_HOME` that contains a functional Jenkins installation. ### Adding files/directories to the image @@ -417,45 +422,45 @@ docker run -d -p 80:8080 --name jenkins \ ### 2.346.3-debian-11-r3 -* The preinstalled plugins were removed. +- The preinstalled plugins were removed. ### 2.332.2-debian-10-r21 -* HTTPS and HTTP support are enabled by default. -* `JENKINS_ENABLE_HTTPS` has been renamed to `JENKINS_FORCE_HTTPS`. +- HTTPS and HTTP support are enabled by default. +- `JENKINS_ENABLE_HTTPS` has been renamed to `JENKINS_FORCE_HTTPS`. ### 2.277.4-debian-10-r19 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* Only the Jenkins Home directory is persisted. -* The `install-plugins.sh` script has been deprecated. Instead use the Plugin Installation Manager Tool as explained in the [Installing Plugins](#installing-plugins) section. -* The `DISABLE_JENKINS_INITIALIZATION` environment variable was renamed to `JENKINS_SKIP_BOOTSTRAP`. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- Only the Jenkins Home directory is persisted. +- The `install-plugins.sh` script has been deprecated. Instead use the Plugin Installation Manager Tool as explained in the [Installing Plugins](#installing-plugins) section. +- The `DISABLE_JENKINS_INITIALIZATION` environment variable was renamed to `JENKINS_SKIP_BOOTSTRAP`. ### 2.263.3-debian-10-rXX -* The deprecated plugins below are not included in the image by default anymore: - * [GitHub Organization Folder](https://plugins.jenkins.io/github-organization-folder). - * [Pipeline: Declarative Agent API](https://plugins.jenkins.io/pipeline-model-declarative-agent). +- The deprecated plugins below are not included in the image by default anymore: + - [GitHub Organization Folder](https://plugins.jenkins.io/github-organization-folder). + - [Pipeline: Declarative Agent API](https://plugins.jenkins.io/pipeline-model-declarative-agent). ### 2.222.1-debian-10-r17 -* Java distribution has been migrated from AdoptOpenJDK to OpenJDK Liberica. As part of VMware, we have an agreement with Bell Software to distribute the Liberica distribution of OpenJDK. That way, we can provide support & the latest versions and security releases for Java. +- Java distribution has been migrated from AdoptOpenJDK to OpenJDK Liberica. As part of VMware, we have an agreement with Bell Software to distribute the Liberica distribution of OpenJDK. That way, we can provide support & the latest versions and security releases for Java. ### 2.204.4-debian-10-r3 -* The Jenkins container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Jenkins service was started as the `jenkins` user. From now on, both the container and the Jenkins service run as user `jenkins` (`uid=1001`). You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. -* Consequences: - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating your Jenkins data ensuring the `jenkins` user has the appropriate permissions. - * No "privileged" actions are allowed anymore. +- The Jenkins container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Jenkins service was started as the `jenkins` user. From now on, both the container and the Jenkins service run as user `jenkins` (`uid=1001`). You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- Consequences: + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating your Jenkins data ensuring the `jenkins` user has the appropriate permissions. + - No "privileged" actions are allowed anymore. ### 2.121.2-ol-7-r14 / 2.121.2-debian-9-r18 -* Use Jetty instead of Tomcat as web server. +- Use Jetty instead of Tomcat as web server. ### 2.107.1-r0 -* The Jenkins container has been migrated to the LTS version. From now on, this repository will only track long term support releases from [Jenkins](https://jenkins.io/changelog-stable/). +- The Jenkins container has been migrated to the LTS version. From now on, this repository will only track long term support releases from [Jenkins](https://jenkins.io/changelog-stable/). ## Contributing diff --git a/bitnami/jmx-exporter/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/jmx-exporter/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/jmx-exporter/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/jmx-exporter/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/jmx-exporter/README.md b/bitnami/jmx-exporter/README.md index 2058d84abd39..e297780ab706 100644 --- a/bitnami/jmx-exporter/README.md +++ b/bitnami/jmx-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jmx-exporter bitnami/jmx-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use JMX Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use JMX Exporter in production? Try [VMware Tanzu Application Catalog Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name jmx-exporter bitnami/jmx-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/jsonnet/README.md b/bitnami/jsonnet/README.md index e849427891d6..12018ecb7402 100644 --- a/bitnami/jsonnet/README.md +++ b/bitnami/jsonnet/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jsonnet bitnami/jsonnet:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Jsonnet in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ docker run --name jsonnet bitnami/jsonnet:latest -e "{hello: 'world'}" ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/jupyter-base-notebook/README.md b/bitnami/jupyter-base-notebook/README.md index a949bc470a30..3f78c73d7826 100644 --- a/bitnami/jupyter-base-notebook/README.md +++ b/bitnami/jupyter-base-notebook/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jupyter-base-notebook bitnami/jupyter-base-notebook:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Jupyter Base Notebook in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -95,7 +100,7 @@ USER 1001 ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/jupyterhub/README.md b/bitnami/jupyterhub/README.md index 81853d2717e4..10c0d35d2d7e 100644 --- a/bitnami/jupyterhub/README.md +++ b/bitnami/jupyterhub/README.md @@ -11,23 +11,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema This image is meant to run in a Kubernetes cluster. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use JupyterHub in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/jwt-cli/README.md b/bitnami/jwt-cli/README.md index b9ccd883fe65..65bf9f82d757 100644 --- a/bitnami/jwt-cli/README.md +++ b/bitnami/jwt-cli/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name jwt-cli bitnami/jwt-cli ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use JWT CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official JWT CLI documentation](https://github.com/mike-engel/jwt-cli ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kafka/3.5/README.md b/bitnami/kafka/3.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kafka/3.5/README.md +++ b/bitnami/kafka/3.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kafka/3.6/README.md b/bitnami/kafka/3.6/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kafka/3.6/README.md +++ b/bitnami/kafka/3.6/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kafka/3.7/README.md b/bitnami/kafka/3.7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kafka/3.7/README.md +++ b/bitnami/kafka/3.7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kafka/3.8/README.md b/bitnami/kafka/3.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kafka/3.8/README.md +++ b/bitnami/kafka/3.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kafka/3.9/README.md b/bitnami/kafka/3.9/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kafka/3.9/README.md +++ b/bitnami/kafka/3.9/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kafka/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/kafka/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/kafka/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/kafka/README.md b/bitnami/kafka/README.md index 2b162b69167c..85f3c979f327 100644 --- a/bitnami/kafka/README.md +++ b/bitnami/kafka/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kafka bitnami/kafka:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Kafka in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -347,14 +352,14 @@ If the truststore is mounted in a different location than `/opt/bitnami/kafka/co The following script can help you with the creation of the JKS and certificates: -* [kafka-generate-ssl.sh](https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh) +- [kafka-generate-ssl.sh](https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh) Keep in mind the following notes: -* When prompted to enter a password, use the same one for all. -* Set the Common Name or FQDN values to your Apache Kafka container hostname, e.g. `kafka.example.com`. After entering this value, when prompted "What is your first and last name?", enter this value as well. - * As an alternative, you can disable host name verification setting the environment variable `KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` to an empty string. -* When setting up a Apache Kafka Cluster (check the "Setting up an Apache Kafka Cluster") for more information), each Apache Kafka broker and logical client needs its own keystore. You will have to repeat the process for each of the brokers in the cluster. +- When prompted to enter a password, use the same one for all. +- Set the Common Name or FQDN values to your Apache Kafka container hostname, e.g. `kafka.example.com`. After entering this value, when prompted "What is your first and last name?", enter this value as well. + - As an alternative, you can disable host name verification setting the environment variable `KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` to an empty string. +- When setting up a Apache Kafka Cluster (check the "Setting up an Apache Kafka Cluster") for more information), each Apache Kafka broker and logical client needs its own keystore. You will have to repeat the process for each of the brokers in the cluster. The following docker-compose file is an example showing how to mount your JKS certificates protected by the password `certificatePassword123`. Additionally it is specifying the Apache Kafka container hostname and the credentials for the client user. @@ -423,9 +428,9 @@ If you use other tools to use your Apache Kafka cluster, you'll need to provide When deploying a Apache Kafka cluster with multiple brokers, inter broker communications can be configured with `SASL` or `SASL_SSL` using the following variables: -* `KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL`: Apache Kafka inter broker communication protocol. -* `KAFKA_INTER_BROKER_USER`: Apache Kafka inter broker communication user. -* `KAFKA_INTER_BROKER_PASSWORD`: Apache Kafka inter broker communication password. +- `KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL`: Apache Kafka inter broker communication protocol. +- `KAFKA_INTER_BROKER_USER`: Apache Kafka inter broker communication user. +- `KAFKA_INTER_BROKER_PASSWORD`: Apache Kafka inter broker communication password. NOTE: When running in KRaft mode, KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL only supports `PLAIN` mechanism in Kafka version <= 3.4. @@ -433,9 +438,9 @@ NOTE: When running in KRaft mode, KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL When deploying a Apache Kafka cluster with multiple controllers in KRaft mode, controller communications can be configured with `SASL` or `SASL_SSL` using the following variables: -* `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: Apache Kafka controllers communication protocol. -* `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. Currently only `PLAIN` mechanism is supported. -* `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. +- `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: Apache Kafka controllers communication protocol. +- `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. Currently only `PLAIN` mechanism is supported. +- `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. NOTE: When running in KRaft mode, KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL only supports `PLAIN` mechanism. @@ -443,8 +448,8 @@ NOTE: When running in KRaft mode, KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL o When configuring Apache Kafka listeners with `SASL` or `SASL_SSL` for communications with clients, you can provide your SASL credentials using this environment variables: -* `KAFKA_CLIENT_USERS`: Apache Kafka client user. Default: **user** -* `KAFKA_CLIENT_PASSWORDS`: Apache Kafka client user password. Default: **bitnami** +- `KAFKA_CLIENT_USERS`: Apache Kafka client user. Default: **user** +- `KAFKA_CLIENT_PASSWORDS`: Apache Kafka client user password. Default: **bitnami** NOTE: When running in KRaft mode, only the first user:password pair will take effect, as KRaft mode does not support SCRAM mechanism yet. @@ -452,38 +457,38 @@ NOTE: When running in KRaft mode, only the first user:password pair will take ef KRaft mode can be enabled by providing the following values: -* `KAFKA_CFG_PROCESS_ROLES`: Comma-separated list of Kafka KRaft roles. Allowed values: `controller,broker`, `controller`, `broker`. -* `KAFKA_CFG_NODE_ID`: Unique id for the Kafka node. -* `KAFKA_CFG_LISTENERS`: List of Kafka listeners. If node is set with `controller` role, the listener `CONTROLLER` must be included. -* `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Maps each listener with a Apache Kafka security protocol. If node is set with `controller` role, this setting is required in order to assign a security protocol for the `CONTROLLER LISTENER`. E.g.: `PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXT`. +- `KAFKA_CFG_PROCESS_ROLES`: Comma-separated list of Kafka KRaft roles. Allowed values: `controller,broker`, `controller`, `broker`. +- `KAFKA_CFG_NODE_ID`: Unique id for the Kafka node. +- `KAFKA_CFG_LISTENERS`: List of Kafka listeners. If node is set with `controller` role, the listener `CONTROLLER` must be included. +- `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Maps each listener with a Apache Kafka security protocol. If node is set with `controller` role, this setting is required in order to assign a security protocol for the `CONTROLLER LISTENER`. E.g.: `PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXT`. In order to configure controllers communications without authentication, you should provide the environment variables below: -* `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:PLAINTEXT`. +- `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:PLAINTEXT`. In order to configure Apache Kafka controller communications with `SASL`, you should provide the environment variables below: -* `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SASL`. -* `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: SASL mechanism to use for controllers communications. NOTE: KRaft mode does not yet support SCRAM mechanisms, so the only supported SASL mechanism in KRaft mode would be `PLAIN`. -* `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. -* `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. +- `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SASL`. +- `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: SASL mechanism to use for controllers communications. NOTE: KRaft mode does not yet support SCRAM mechanisms, so the only supported SASL mechanism in KRaft mode would be `PLAIN`. +- `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. +- `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. In order to configure Apache Kafka controller communications with `SSL`, you should provide the environment variables below: -* `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SSL`. -* `KAFKA_TLS__CLIENT_AUTH`: Configures mTLS authentication method for kafka control plane communications. Allowed values: `required`, `requested`, `none`. -* `KAFKA_TLS_TYPE`: Choose the TLS certificate format to use. Allowed values: `JKS`, `PEM`. Defaults: **JKS**. -* Valid keystore and truststore are mounted at `/opt/bitnami/kafka/config/certs/kafka.keystore.jks` and `/opt/bitnami/kafka/config/certs/kafka.truststore.jks`. +- `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SSL`. +- `KAFKA_TLS__CLIENT_AUTH`: Configures mTLS authentication method for kafka control plane communications. Allowed values: `required`, `requested`, `none`. +- `KAFKA_TLS_TYPE`: Choose the TLS certificate format to use. Allowed values: `JKS`, `PEM`. Defaults: **JKS**. +- Valid keystore and truststore are mounted at `/opt/bitnami/kafka/config/certs/kafka.keystore.jks` and `/opt/bitnami/kafka/config/certs/kafka.truststore.jks`. In order to authenticate Apache Kafka controller communications with `SASL_SSL`, you should provide the environment variables below: -* `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SASL_SSL`. -* `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: SASL mechanism to use for controllers communications. NOTE: KRaft mode does not yet support SCRAM mechanisms, so the only supported SASL mechanism in KRaft mode would be `PLAIN`. -* `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. -* `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. -* `KAFKA_TLS__CLIENT_AUTH`: Configures mTLS authentication method for kafka control plane communications. Allowed values: `required`, `requested`, `none`. -* `KAFKA_TLS_TYPE`: Choose the TLS certificate format to use. Allowed values: `JKS`, `PEM`. Defaults: **JKS**. -* Valid keystore and truststore are mounted at `/opt/bitnami/kafka/config/certs/kafka.keystore.jks` and `/opt/bitnami/kafka/config/certs/kafka.truststore.jks`. +- `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP`: Should include `CONTROLLER:SASL_SSL`. +- `KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL`: SASL mechanism to use for controllers communications. NOTE: KRaft mode does not yet support SCRAM mechanisms, so the only supported SASL mechanism in KRaft mode would be `PLAIN`. +- `KAFKA_CONTROLLER_USER`: Apache Kafka controllers communication user. +- `KAFKA_CONTROLLER_PASSWORD`: Apache Kafka controllers communication password. +- `KAFKA_TLS__CLIENT_AUTH`: Configures mTLS authentication method for kafka control plane communications. Allowed values: `required`, `requested`, `none`. +- `KAFKA_TLS_TYPE`: Choose the TLS certificate format to use. Allowed values: `JKS`, `PEM`. Defaults: **JKS**. +- Valid keystore and truststore are mounted at `/opt/bitnami/kafka/config/certs/kafka.keystore.jks` and `/opt/bitnami/kafka/config/certs/kafka.truststore.jks`. > Note: SSL settings are shared by all listeners configured using `SSL` or `SASL_SSL` protocols. Setting different certificates per listener is not yet supported. @@ -491,7 +496,7 @@ In order to authenticate Apache Kafka controller communications with `SASL_SSL`, An Apache Kafka cluster can easily be setup with the Bitnami Apache Kafka Docker image using the following environment variables: -* `KAFKA_CFG_CONTROLLER_QUORUM_VOTERS`: Comma separated host:port pairs, each corresponding to a Kafka controller connection. +- `KAFKA_CFG_CONTROLLER_QUORUM_VOTERS`: Comma separated host:port pairs, each corresponding to a Kafka controller connection. #### Step 1: Create the first node for Apache Kafka @@ -851,55 +856,55 @@ Branch 2 has been renamed to 2.8 and branch 3 has been split into branches 3.0 a This new release of the bitnami/kafka container includes a refactor in its logic and introduces several breaking changes and improvements: -* Removed env variable KAFKA_ENABLE_KRAFT. Instead, KRaft configuration will be detected if KAFKA_CFG_PROCESS_ROLES is provided. -* By default, the container will not configure neither Zookeeper mode or KRaft mode. +- Removed env variable KAFKA_ENABLE_KRAFT. Instead, KRaft configuration will be detected if KAFKA_CFG_PROCESS_ROLES is provided. +- By default, the container will not configure neither Zookeeper mode or KRaft mode. **IMPORTANT**: Either KAFKA_CFG_PROCESS_ROLES or KAFKA_CFG_ZOOKEEPER_CONNECT must be configured for Apache Kafka to be started. The equivalent configuration to the deprecated `KAFKA_ENABLE_KRAFT=true` option would be setting `KAFKA_CFG_PROCESS_ROLES=controller,broker`. This change is especially aimed to support migrating from Zookeeper mode to KRaft mode. Once Zookeeper mode is fully removed we will default to a KRaft controller+broker mode. -* Support for broker-only and controller-only nodes in KRaft mode. +- Support for broker-only and controller-only nodes in KRaft mode. By setting KAFKA_CFG_PROCESS_ROLES, the Bitnami Apache Kafka container can be configured as a dedicated broker or controller node, or run both processes. -* Added support for SASL and SSL protocols in Control plane (controller listener). +- Added support for SASL and SSL protocols in Control plane (controller listener). New variables have been added for this purpose: - * KAFKA_CONTROLLER_USER - Username for the controller communications when SASL is enabled. - * KAFKA_CONTROLLER_PASSWORD - Password for the controller communications when SASL is enabled. -* Removed the `${KAFKA_CONFIG}/server.properties` vs `${KAFKA_CONFIG}/kraft/server.properties` when using Zookeeper or KRaft mode. + - KAFKA_CONTROLLER_USER - Username for the controller communications when SASL is enabled. + - KAFKA_CONTROLLER_PASSWORD - Password for the controller communications when SASL is enabled. +- Removed the `${KAFKA_CONFIG}/server.properties` vs `${KAFKA_CONFIG}/kraft/server.properties` when using Zookeeper or KRaft mode. By default, Kafka uses `${KAFKA_CONFIG}/server.properties`, which is generated from `${KAFKA_CONFIG}/server.properties.original`, the original Kafka configuration file, based on environment variables. If no custom configuration file is mounted, references to both configurations are removed during container initialization. -* Refactor JAAS settings to use the recommended approach `listener.name.${listener_lower}.${mechanism_name}.sasl.jaas.config`. +- Refactor JAAS settings to use the recommended approach `listener.name.${listener_lower}.${mechanism_name}.sasl.jaas.config`. The `kafka_jaas.conf` will no longer be generated, although it will continue being loaded if mounted. Please note that, according to Kafka documentation, the preference will be: - * Configuration property `listener.name...sasl.jaas.config` (Recommended) - * `.KafkaServer` section of JAAS file - * KafkaServer section of JAAS file -* The KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD will no longer be valid users in other listeners when INTERNAL listener is provided or KAFKA_CFG_INTER_BROKER_LISTENER_NAME is provided. -* Refactor `kafka_validate` function for consistency with both KRaft and Zookeeper modes and improving existing SASL and SSL validations. -* Definitively remove deprecated legacy values: - * Alternative mount path `/opt/bitnami/kafka/conf` is no longer valid. - * Deprecation messages for KAFKA_PORT variable -* Extended existing `BROKER_ID_COMMAND` to support KRaft, by adding `KAFKA_NODE_ID_COMMAND` and `KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND`. -* The existing `BROKER_ID_COMMAND` variable has been deprecated and replaced by `KAFKA_BROKER_ID_COMMAND` for consistency. It will be removed in a future release, so please update your deployments to use the new variable instead. -* Environment variable `ALLOW_PLAINTEXT_LISTENER` has been removed. This variable was used to ensure Kafka wasn't started without any unauthenticated listener unless explicitly set. Since this new release requires explicitly configuring listeners and listeners' security protocol map, we have decided to remove it. + - Configuration property `listener.name...sasl.jaas.config` (Recommended) + - `.KafkaServer` section of JAAS file + - KafkaServer section of JAAS file +- The KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD will no longer be valid users in other listeners when INTERNAL listener is provided or KAFKA_CFG_INTER_BROKER_LISTENER_NAME is provided. +- Refactor `kafka_validate` function for consistency with both KRaft and Zookeeper modes and improving existing SASL and SSL validations. +- Definitively remove deprecated legacy values: + - Alternative mount path `/opt/bitnami/kafka/conf` is no longer valid. + - Deprecation messages for KAFKA_PORT variable +- Extended existing `BROKER_ID_COMMAND` to support KRaft, by adding `KAFKA_NODE_ID_COMMAND` and `KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND`. +- The existing `BROKER_ID_COMMAND` variable has been deprecated and replaced by `KAFKA_BROKER_ID_COMMAND` for consistency. It will be removed in a future release, so please update your deployments to use the new variable instead. +- Environment variable `ALLOW_PLAINTEXT_LISTENER` has been removed. This variable was used to ensure Kafka wasn't started without any unauthenticated listener unless explicitly set. Since this new release requires explicitly configuring listeners and listeners' security protocol map, we have decided to remove it. ### 3.4.0-debian-11-r23, 3.3.2-debian-11-r29 and 3.2.3-debian-11-r73 -* Apache Kafka is now configured using KRaft. You can disable this configuration with the `KAFKA_ENABLE_KRAFT=false` env var and by following the instructions in this guide. +- Apache Kafka is now configured using KRaft. You can disable this configuration with the `KAFKA_ENABLE_KRAFT=false` env var and by following the instructions in this guide. ### 3.0.0-debian-10-r0 -* Apache Kafka 3.0 deprecates the `--zookeper` flag in shell commands. Related operations such as topic creation require the use of updated flags. Please, refer to [Apache Kafka's official release notes](https://archive.apache.org/dist/kafka/3.0.0/RELEASE_NOTES.html) for further information on the changes introduced by this version. +- Apache Kafka 3.0 deprecates the `--zookeper` flag in shell commands. Related operations such as topic creation require the use of updated flags. Please, refer to [Apache Kafka's official release notes](https://archive.apache.org/dist/kafka/3.0.0/RELEASE_NOTES.html) for further information on the changes introduced by this version. ### 2.5.0-debian-10-r111 -* The `KAFKA_CLIENT_USER` AND `KAFKA_CLIENT_PASSWORD` have been deprecated in favor of `KAFKA_CLIENT_USERS` and `KAFKA_CLIENT_PASSWORDS`. +- The `KAFKA_CLIENT_USER` AND `KAFKA_CLIENT_PASSWORD` have been deprecated in favor of `KAFKA_CLIENT_USERS` and `KAFKA_CLIENT_PASSWORDS`. ### 2.5.0-debian-10-r51 -* The environment variables `KAFKA_PORT_NUMBER` and `KAFKA_CFG_PORT` was deprecated, you can specify the port number in `KAFKA_CFG_LISTENERS` instead. -* The following environment variables were renamed: +- The environment variables `KAFKA_PORT_NUMBER` and `KAFKA_CFG_PORT` was deprecated, you can specify the port number in `KAFKA_CFG_LISTENERS` instead. +- The following environment variables were renamed: - * `KAFKA_BROKER_USER` -> `KAFKA_CLIENT_USER` - * `KAFKA_BROKER_PASSWORD` -> `KAFKA_CLIENT_PASSWORD` + - `KAFKA_BROKER_USER` -> `KAFKA_CLIENT_USER` + - `KAFKA_BROKER_PASSWORD` -> `KAFKA_CLIENT_PASSWORD` -* Listeners & advertised listeners must be configured to enable authentication. Check [Security section](#security) for more information. +- Listeners & advertised listeners must be configured to enable authentication. Check [Security section](#security) for more information. ### 2.4.1-r38-debian-10 @@ -907,65 +912,65 @@ The configuration directory was changed to `/opt/bitnami/kafka/config`. Configur ### 1.1.1-debian-9-r224, 2.2.1-debian-9-r16, 1.1.1-ol-7-r306 and 2.2.1-ol-7-r14 -* The following environment variables were beingly wrongly translated into `KAFKA_CFG_` environment variables, and therefore they were being wrongly mapped into Apache Kafka keys: +- The following environment variables were beingly wrongly translated into `KAFKA_CFG_` environment variables, and therefore they were being wrongly mapped into Apache Kafka keys: - * `KAFKA_LOGS_DIRS` -> `KAFKA_CFG_LOG_DIRS` - * `KAFKA_PORT_NUMBER` -> `KAFKA_CFG_PORT` - * `KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS` + - `KAFKA_LOGS_DIRS` -> `KAFKA_CFG_LOG_DIRS` + - `KAFKA_PORT_NUMBER` -> `KAFKA_CFG_PORT` + - `KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS` -* For consistency reasons with previous environment variables, the following `KAFKA_` to `KAFKA_CFG_` environment variable translations are now supported for mapping into Apache Kafka keys: +- For consistency reasons with previous environment variables, the following `KAFKA_` to `KAFKA_CFG_` environment variable translations are now supported for mapping into Apache Kafka keys: - * `KAFKA_LOG_DIRS` -> `KAFKA_CFG_LOG_DIRS` - * `KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS` + - `KAFKA_LOG_DIRS` -> `KAFKA_CFG_LOG_DIRS` + - `KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS` ### 1.1.1-debian-9-r205, 2.2.0-debian-9-r40, 1.1.1-ol-7-r286, and 2.2.0-ol-7-r53 Configuration changes. Most environment variables now start with `KAFKA_CFG_`, as they are now mapped directly to Apache Kafka keys. Variables changed: -* `KAFKA_ADVERTISED_LISTENERS` -> `KAFKA_CFG_ADVERTISED_LISTENERS` -* `KAFKA_BROKER_ID` -> `KAFKA_CFG_BROKER_ID` -* `KAFKA_DEFAULT_REPLICATION_FACTOR` -> `KAFKA_CFG_DEFAULT_REPLICATION_FACTOR` -* `KAFKA_DELETE_TOPIC_ENABLE` -> `KAFKA_CFG_DELETE_TOPIC_ENABLE` -* `KAFKA_INTER_BROKER_LISTENER_NAME` -> `KAFKA_CFG_INTER_BROKER_LISTENER_NAME` -* `KAFKA_LISTENERS` -> `KAFKA_CFG_LISTENERS` -* `KAFKA_LISTENER_SECURITY_PROTOCOL_MAP` -> `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP` -* `KAFKA_LOGS_DIRS` -> `KAFKA_CFG_LOG_DIRS` -* `KAFKA_LOG_FLUSH_INTERVAL_MESSAGES` -> `KAFKA_CFG_LOG_FLUSH_INTERVAL_MESSAGES` -* `KAFKA_LOG_FLUSH_INTERVAL_MS` -> `KAFKA_CFG_LOG_FLUSH_INTERVAL_MS` -* `KAFKA_LOG_MESSAGE_FORMAT_VERSION` -> `KAFKA_CFG_LOG_MESSAGE_FORMAT_VERSION` -* `KAFKA_LOG_RETENTION_BYTES` -> `KAFKA_CFG_LOG_RETENTION_BYTES` -* `KAFKA_LOG_RETENTION_CHECK_INTERVALS_MS` -> `KAFKA_CFG_LOG_RETENTION_CHECK_INTERVAL_MS` -* `KAFKA_LOG_RETENTION_HOURS` -> `KAFKA_CFG_LOG_RETENTION_HOURS` -* `KAFKA_MAX_MESSAGE_BYTES` -> `KAFKA_CFG_MESSAGE_MAX_BYTES` -* `KAFKA_NUM_IO_THREADS` -> `KAFKA_CFG_NUM_IO_THREADS` -* `KAFKA_NUM_NETWORK_THREADS` -> `KAFKA_CFG_NUM_NETWORK_THREADS` -* `KAFKA_NUM_PARTITIONS` -> `KAFKA_CFG_NUM_PARTITIONS` -* `KAFKA_NUM_RECOVERY_THREADS_PER_DATA_DIR` -> `KAFKA_CFG_NUM_RECOVERY_THREADS_PER_DATA_DIR` -* `KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR` -> `KAFKA_CFG_OFFSETS_TOPIC_REPLICATION_FACTOR` -* `KAFKA_PORT` -> `KAFKA_CFG_PORT` -* `KAFKA_SEGMENT_BYTES` -> `KAFKA_CFG_SEGMENT_BYTES` -* `KAFKA_SOCKET_RECEIVE_BUFFER_BYTES` -> `KAFKA_CFG_SOCKET_RECEIVE_BUFFER_BYTES` -* `KAFKA_SOCKET_REQUEST_MAX_BYTES` -> `KAFKA_CFG_SOCKET_REQUEST_MAX_BYTES` -* `KAFKA_SOCKET_SEND_BUFFER_BYTES` -> `KAFKA_CFG_SOCKET_SEND_BUFFER_BYTES` -* `KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` -> `KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` -* `KAFKA_TRANSACTION_STATE_LOG_MIN_ISR` -> `KAFKA_CFG_TRANSACTION_STATE_LOG_MIN_ISR` -* `KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR` -> `KAFKA_CFG_TRANSACTION_STATE_LOG_REPLICATION_FACTOR` -* `KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECT_TIMEOUT_MS` -* `KAFKA_ZOOKEEPER_CONNECT` -> `KAFKA_CFG_ZOOKEEPER_CONNECT` +- `KAFKA_ADVERTISED_LISTENERS` -> `KAFKA_CFG_ADVERTISED_LISTENERS` +- `KAFKA_BROKER_ID` -> `KAFKA_CFG_BROKER_ID` +- `KAFKA_DEFAULT_REPLICATION_FACTOR` -> `KAFKA_CFG_DEFAULT_REPLICATION_FACTOR` +- `KAFKA_DELETE_TOPIC_ENABLE` -> `KAFKA_CFG_DELETE_TOPIC_ENABLE` +- `KAFKA_INTER_BROKER_LISTENER_NAME` -> `KAFKA_CFG_INTER_BROKER_LISTENER_NAME` +- `KAFKA_LISTENERS` -> `KAFKA_CFG_LISTENERS` +- `KAFKA_LISTENER_SECURITY_PROTOCOL_MAP` -> `KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP` +- `KAFKA_LOGS_DIRS` -> `KAFKA_CFG_LOG_DIRS` +- `KAFKA_LOG_FLUSH_INTERVAL_MESSAGES` -> `KAFKA_CFG_LOG_FLUSH_INTERVAL_MESSAGES` +- `KAFKA_LOG_FLUSH_INTERVAL_MS` -> `KAFKA_CFG_LOG_FLUSH_INTERVAL_MS` +- `KAFKA_LOG_MESSAGE_FORMAT_VERSION` -> `KAFKA_CFG_LOG_MESSAGE_FORMAT_VERSION` +- `KAFKA_LOG_RETENTION_BYTES` -> `KAFKA_CFG_LOG_RETENTION_BYTES` +- `KAFKA_LOG_RETENTION_CHECK_INTERVALS_MS` -> `KAFKA_CFG_LOG_RETENTION_CHECK_INTERVAL_MS` +- `KAFKA_LOG_RETENTION_HOURS` -> `KAFKA_CFG_LOG_RETENTION_HOURS` +- `KAFKA_MAX_MESSAGE_BYTES` -> `KAFKA_CFG_MESSAGE_MAX_BYTES` +- `KAFKA_NUM_IO_THREADS` -> `KAFKA_CFG_NUM_IO_THREADS` +- `KAFKA_NUM_NETWORK_THREADS` -> `KAFKA_CFG_NUM_NETWORK_THREADS` +- `KAFKA_NUM_PARTITIONS` -> `KAFKA_CFG_NUM_PARTITIONS` +- `KAFKA_NUM_RECOVERY_THREADS_PER_DATA_DIR` -> `KAFKA_CFG_NUM_RECOVERY_THREADS_PER_DATA_DIR` +- `KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR` -> `KAFKA_CFG_OFFSETS_TOPIC_REPLICATION_FACTOR` +- `KAFKA_PORT` -> `KAFKA_CFG_PORT` +- `KAFKA_SEGMENT_BYTES` -> `KAFKA_CFG_SEGMENT_BYTES` +- `KAFKA_SOCKET_RECEIVE_BUFFER_BYTES` -> `KAFKA_CFG_SOCKET_RECEIVE_BUFFER_BYTES` +- `KAFKA_SOCKET_REQUEST_MAX_BYTES` -> `KAFKA_CFG_SOCKET_REQUEST_MAX_BYTES` +- `KAFKA_SOCKET_SEND_BUFFER_BYTES` -> `KAFKA_CFG_SOCKET_SEND_BUFFER_BYTES` +- `KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` -> `KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM` +- `KAFKA_TRANSACTION_STATE_LOG_MIN_ISR` -> `KAFKA_CFG_TRANSACTION_STATE_LOG_MIN_ISR` +- `KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR` -> `KAFKA_CFG_TRANSACTION_STATE_LOG_REPLICATION_FACTOR` +- `KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS` -> `KAFKA_CFG_ZOOKEEPER_CONNECT_TIMEOUT_MS` +- `KAFKA_ZOOKEEPER_CONNECT` -> `KAFKA_CFG_ZOOKEEPER_CONNECT` ### 1.1.0-r41 -* Configuration is not persisted anymore. It should be mounted as a volume or it will be regenerated each time the container is created. -* Dummy certificates are not used anymore when the SASL_SSL listener is configured. These certificates must be mounted as volumes. +- Configuration is not persisted anymore. It should be mounted as a volume or it will be regenerated each time the container is created. +- Dummy certificates are not used anymore when the SASL_SSL listener is configured. These certificates must be mounted as volumes. ### 0.10.2.1-r3 -* The kafka container has been migrated to a non-root container approach. Previously the container run as `root` user and the kafka daemon was started as `kafka` user. From now own, both the container and the kafka daemon run as user `1001`. +- The kafka container has been migrated to a non-root container approach. Previously the container run as `root` user and the kafka daemon was started as `kafka` user. From now own, both the container and the kafka daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the kafka process. ### 0.10.2.1-r0 -* New Bitnami release +- New Bitnami release ## Using `docker-compose.yaml` @@ -981,11 +986,11 @@ We'd love for you to contribute to this Docker image. You can request new featur If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new/choose). For us to provide better support, be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/kaniko/README.md b/bitnami/kaniko/README.md index c4d5335af92a..6a91d4316b61 100644 --- a/bitnami/kaniko/README.md +++ b/bitnami/kaniko/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kaniko bitnami/kaniko ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kaniko in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Kaniko documentation](https://github.com/chainguard-dev/kani ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/keycloak-config-cli/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/keycloak-config-cli/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/keycloak-config-cli/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/keycloak-config-cli/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/keycloak-config-cli/README.md b/bitnami/keycloak-config-cli/README.md index 073fcd2be485..caabf4385d41 100644 --- a/bitnami/keycloak-config-cli/README.md +++ b/bitnami/keycloak-config-cli/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --rm --name keycloak-config-cli bitnami/keycloak-config-cli:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Keycloak Config CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Find how to configure Keycloak Config CLI in its [official documentation](https: ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/keycloak/25/README.md b/bitnami/keycloak/25/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/keycloak/25/README.md +++ b/bitnami/keycloak/25/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/keycloak/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/keycloak/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/keycloak/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/keycloak/26/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/keycloak/README.md b/bitnami/keycloak/README.md index 070fdc2caef0..68e6cd8444f0 100644 --- a/bitnami/keycloak/README.md +++ b/bitnami/keycloak/README.md @@ -15,14 +15,25 @@ docker run --name keycloak bitnami/keycloak:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Keycloak in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -189,29 +194,29 @@ keycloak: The Bitnami Keycloak Docker image allows configuring HTTPS/TLS encription. This is done by mounting in `/opt/bitnami/keycloak/certs` two files: -* `keystore`: File with the server keystore -* `truststore`: File with the server truststore +- `keystore`: File with the server keystore +- `truststore`: File with the server truststore > Note: find more information about how to create these files at the [Keycloak documentation](https://www.keycloak.org/server/keycloak-truststore). Apart from that, the following environment variables must be set: -* `KEYCLOAK_ENABLE_HTTPS`: Enable TLS encryption using the keystore. Default: **false**. -* `KEYCLOAK_HTTPS_KEY_STORE_FILE`: Path to the keystore file (e.g. `/opt/bitnami/keycloak/certs/keystore.jks`). No defaults. -* `KEYCLOAK_HTTPS_TRUST_STORE_FILE`: Path to the truststore file (e.g. `/opt/bitnami/keycloak/certs/truststore.jks`). No defaults. -* `KEYCLOAK_HTTPS_KEY_STORE_PASSWORD`: Password for accessing the keystore. No defaults. -* `KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD`: Password for accessing the truststore. No defaults. -* `KEYCLOAK_HTTPS_USE_PEM`: Set to true to configure HTTPS using PEM certificates'. Default: **false**. -* `KEYCLOAK_HTTPS_CERTIFICATE_FILE`: Path to the PEM certificate file (e.g. `/opt/bitnami/keycloak/certs/tls.crt`). No defaults. -* `KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE`: Path to the PEM key file (e.g. `/opt/bitnami/keycloak/certs/tls.key`). No defaults. +- `KEYCLOAK_ENABLE_HTTPS`: Enable TLS encryption using the keystore. Default: **false**. +- `KEYCLOAK_HTTPS_KEY_STORE_FILE`: Path to the keystore file (e.g. `/opt/bitnami/keycloak/certs/keystore.jks`). No defaults. +- `KEYCLOAK_HTTPS_TRUST_STORE_FILE`: Path to the truststore file (e.g. `/opt/bitnami/keycloak/certs/truststore.jks`). No defaults. +- `KEYCLOAK_HTTPS_KEY_STORE_PASSWORD`: Password for accessing the keystore. No defaults. +- `KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD`: Password for accessing the truststore. No defaults. +- `KEYCLOAK_HTTPS_USE_PEM`: Set to true to configure HTTPS using PEM certificates'. Default: **false**. +- `KEYCLOAK_HTTPS_CERTIFICATE_FILE`: Path to the PEM certificate file (e.g. `/opt/bitnami/keycloak/certs/tls.crt`). No defaults. +- `KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE`: Path to the PEM key file (e.g. `/opt/bitnami/keycloak/certs/tls.key`). No defaults. ### SPI TLS truststore The Bitnami Keycloak Docker image supports configuring a truststore for HTTP/TLS connection with Keycloak SPIs. -* `KEYCLOAK_SPI_TRUSTSTORE_FILE`: Path to the Keycloak SPI truststore file (e.g. `/opt/bitnami/keycloak/certs-spi/truststore.jks`). No defaults. -* `KEYCLOAK_SPI_TRUSTSTORE_PASSWORD`: Password for decrypting the SPI truststore file. No defaults. -* `KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY`: Hostname verification policy for SPI connection over HTTPS/TLS +- `KEYCLOAK_SPI_TRUSTSTORE_FILE`: Path to the Keycloak SPI truststore file (e.g. `/opt/bitnami/keycloak/certs-spi/truststore.jks`). No defaults. +- `KEYCLOAK_SPI_TRUSTSTORE_PASSWORD`: Password for decrypting the SPI truststore file. No defaults. +- `KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY`: Hostname verification policy for SPI connection over HTTPS/TLS ### Adding custom themes @@ -277,14 +282,14 @@ After that, your changes will be taken into account in the server's behaviour. ### 19-debian-11-r4 -* TLS environment variables have been renamed to match upstream. - * `KEYCLOAK_ENABLE_TLS` was renamed as `KEYCLOAK_ENABLE_HTTPS`. - * `KEYCLOAK_TLS_KEYSTORE_FILE` was renamed as `KEYCLOAK_TLS_KEY_STORE_FILE`. - * `KEYCLOAK_TLS_TRUSTSTORE_FILE` was renamed as `KEYCLOAK_TLS_TRUST_STORE_FILE`. - * `KEYCLOAK_TLS_KEYSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_KEY_STORE_PASSWORD`. - * `KEYCLOAK_TLS_TRUSTSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_TRUST_STORE_PASSWORD`. -* HTTPS/TLS can now be configured using PEM certificates. -* Added support to add SPI truststore file. +- TLS environment variables have been renamed to match upstream. + - `KEYCLOAK_ENABLE_TLS` was renamed as `KEYCLOAK_ENABLE_HTTPS`. + - `KEYCLOAK_TLS_KEYSTORE_FILE` was renamed as `KEYCLOAK_TLS_KEY_STORE_FILE`. + - `KEYCLOAK_TLS_TRUSTSTORE_FILE` was renamed as `KEYCLOAK_TLS_TRUST_STORE_FILE`. + - `KEYCLOAK_TLS_KEYSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_KEY_STORE_PASSWORD`. + - `KEYCLOAK_TLS_TRUSTSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_TRUST_STORE_PASSWORD`. +- HTTPS/TLS can now be configured using PEM certificates. +- Added support to add SPI truststore file. ### 17-debian-10 diff --git a/bitnami/keydb/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/keydb/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/keydb/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/keydb/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/keydb/README.md b/bitnami/keydb/README.md index 631858c3fbdb..fa08e2471789 100644 --- a/bitnami/keydb/README.md +++ b/bitnami/keydb/README.md @@ -15,14 +15,25 @@ docker run --name keydb -e ALLOW_EMPTY_PASSWORD=yes bitnami/keydb:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KeyDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use KeyDB in production? Try [VMware Tanzu Application Catalog](https Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -227,7 +232,7 @@ docker-compose up -d For security reasons, you may want to disable some commands. You can specify them by using the following environment variable on the first run: -* `KEYDB_DISABLE_COMMANDS`: Comma-separated list of KeyDB commands to disable. Defaults to empty. +- `KEYDB_DISABLE_COMMANDS`: Comma-separated list of KeyDB commands to disable. Defaults to empty. ```console docker run --name keydb -e KEYDB_DISABLE_COMMANDS=FLUSHDB,FLUSHALL,CONFIG bitnami/keydb:latest @@ -384,19 +389,19 @@ services: A replication cluster can easily be setup with the Bitnami KeyDB Docker Image using the following environment variables: -* `KEYDB_REPLICATION_MODE`: The replication mode. Possible values `master`/`replica`. No defaults. -* `KEYDB_ACTIVE_REPLICA`: Configure Replica node as active-replica. Defaults to `no`. -* `KEYDB_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. -* `KEYDB_REPLICA_PORT`: The replication announce port. Defaults to `KEYDB_MASTER_PORT_NUMBER`. -* `KEYDB_MASTER_HOSTS`: Comma separated list of Hostnames/IPs of KeyDB master instances to be a replica of (multiple hosts only supported if active-replica is enabled). No defaults. -* `KEYDB_MASTER_PORT_NUMBER`: Port number of the KeyDB master instances to be a replica of. Defaults to `6379`. -* `KEYDB_MASTER_PASSWORD`: Password to authenticate against the KeyDB master instances to be a replica of. No defaults. +- `KEYDB_REPLICATION_MODE`: The replication mode. Possible values `master`/`replica`. No defaults. +- `KEYDB_ACTIVE_REPLICA`: Configure Replica node as active-replica. Defaults to `no`. +- `KEYDB_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. +- `KEYDB_REPLICA_PORT`: The replication announce port. Defaults to `KEYDB_MASTER_PORT_NUMBER`. +- `KEYDB_MASTER_HOSTS`: Comma separated list of Hostnames/IPs of KeyDB master instances to be a replica of (multiple hosts only supported if active-replica is enabled). No defaults. +- `KEYDB_MASTER_PORT_NUMBER`: Port number of the KeyDB master instances to be a replica of. Defaults to `6379`. +- `KEYDB_MASTER_PASSWORD`: Password to authenticate against the KeyDB master instances to be a replica of. No defaults. There are three main architectures for replication in KeyDB: -* **Master/Replica**: In this architecture, a single KeyDB instance acts as the master, and one or more KeyDB instances act as replicas. The master is responsible for all write operations, while the replicas replicate the write operations from the master and serve read operations. -* **Active Replication**: In this architecture, a single KeyDB instance acts as the master, and one or more KeyDB instances act as active replicas. All instances can accept write operations and replicate them to the rest of the instances. -* **Multi Master Replication**: In this architecture, two or more KeyDB instances act as master, and replicas are configured to replicate from multiple masters. A replica with multiple masters will contain a superset of the data of all its masters. If two masters have a value with the same key it is undefined which key will be taken. If a master deletes a key that exists on another master the replica will no longer contain a copy of that key. +- **Master/Replica**: In this architecture, a single KeyDB instance acts as the master, and one or more KeyDB instances act as replicas. The master is responsible for all write operations, while the replicas replicate the write operations from the master and serve read operations. +- **Active Replication**: In this architecture, a single KeyDB instance acts as the master, and one or more KeyDB instances act as active replicas. All instances can accept write operations and replicate them to the rest of the instances. +- **Multi Master Replication**: In this architecture, two or more KeyDB instances act as master, and replicas are configured to replicate from multiple masters. A replica with multiple masters will contain a superset of the data of all its masters. If two masters have a value with the same key it is undefined which key will be taken. If a master deletes a key that exists on another master the replica will no longer contain a copy of that key. #### Step 1: Create the replication master @@ -482,14 +487,14 @@ The above command scales up the number of replicas to `3`. You can scale down in KeyDB adds the support for SSL/TLS connections. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `KEYDB_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `KEYDB_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. -* `KEYDB_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `KEYDB_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `KEYDB_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `KEYDB_TLS_CA_DIR`). No defaults. -* `KEYDB_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. -* `KEYDB_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. -* `KEYDB_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. +- `KEYDB_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `KEYDB_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. +- `KEYDB_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `KEYDB_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `KEYDB_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `KEYDB_TLS_CA_DIR`). No defaults. +- `KEYDB_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. +- `KEYDB_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. +- `KEYDB_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. When enabling TLS, conventional standard traffic is disabled by default. However this new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To enable non-TLS traffic, set `KEYDB_TLS_PORT_NUMBER` to another port different than `0`. diff --git a/bitnami/kiam/README.md b/bitnami/kiam/README.md index 482e92013558..5db145f4e4bc 100644 --- a/bitnami/kiam/README.md +++ b/bitnami/kiam/README.md @@ -16,23 +16,28 @@ From Bitnami, we will update the container image and Helm chart, as usual, bundl docker run --name kiam bitnami/kiam:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kiam in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -79,7 +84,7 @@ Check the [official Kiam documentation](https://github.com/uswitch/kiam/tree/mas ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kibana/7/README.md b/bitnami/kibana/7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kibana/7/README.md +++ b/bitnami/kibana/7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kibana/8/README.md b/bitnami/kibana/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kibana/8/README.md +++ b/bitnami/kibana/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kibana/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kibana/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/kibana/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/kibana/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/kibana/README.md b/bitnami/kibana/README.md index b55b7685eb69..e5bfc64ce18a 100644 --- a/bitnami/kibana/README.md +++ b/bitnami/kibana/README.md @@ -15,14 +15,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kibana bitnami/kibana:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kibana in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Kibana in production? Try [VMware Tanzu Application Catalog](http Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -313,23 +318,23 @@ docker run --name kibana bitnami/kibana:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 6.8.15-debian-10-r12 & 7.10.2-debian-10-r62 & 7.12.0-debian-10-r0 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* Kibana 7.12.0 version or later are licensed under the Elastic License that is not currently accepted as an Open Source license by the Open Source Initiative (OSI). -* Kibana 7.12.0 version or later are including x-pack plugin installed by default. Follow official documentation to use it. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- Kibana 7.12.0 version or later are licensed under the Elastic License that is not currently accepted as an Open Source license by the Open Source Initiative (OSI). +- Kibana 7.12.0 version or later are including x-pack plugin installed by default. Follow official documentation to use it. ### 6.5.1-r3 & 5.6.13-r20 -* The Kibana container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Kibana daemon was started as the `kibana` user. From now on, both the container and the Kibana daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Kibana container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Kibana daemon was started as the `kibana` user. From now on, both the container and the Kibana daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 4.5.4-r1 -* `ELASTICSEARCH_URL` parameter has been renamed to `KIBANA_ELASTICSEARCH_URL`. -* `ELASTICSEARCH_PORT` parameter has been renamed to `KIBANA_ELASTICSEARCH_PORT`. +- `ELASTICSEARCH_URL` parameter has been renamed to `KIBANA_ELASTICSEARCH_URL`. +- `ELASTICSEARCH_PORT` parameter has been renamed to `KIBANA_ELASTICSEARCH_PORT`. ## Contributing diff --git a/bitnami/kong-ingress-controller/2/README.md b/bitnami/kong-ingress-controller/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kong-ingress-controller/2/README.md +++ b/bitnami/kong-ingress-controller/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kong-ingress-controller/README.md b/bitnami/kong-ingress-controller/README.md index d19bdeaf0783..e69f8b5e235a 100644 --- a/bitnami/kong-ingress-controller/README.md +++ b/bitnami/kong-ingress-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kong-ingress-controller bitnami/kong-ingress-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kong Ingress Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Consult the [kong-ingress-controller Reference Documentation](https://docs.kongh ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kong/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kong/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/kong/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/kong/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/kong/README.md b/bitnami/kong/README.md index 9babe74f6cb0..5d0482e10f59 100644 --- a/bitnami/kong/README.md +++ b/bitnami/kong/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kong bitnami/kong:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kong in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Kong in production? Try [VMware Tanzu Application Catalog](https: Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -133,8 +138,8 @@ We can launch another containers using the same flag (`--network NETWORK`) in th Additionally, this container also supports configuring Kong via environment values starting with `KONG_`. For instance, by setting the `KONG_LOG_LEVEL` environment variable, Kong will take into account this value rather than the property set in `kong.conf`. It is recommended to set the following environment variables: -* `KONG_DATABASE`: Database type used. Valid values: **postgres** or **off**. Default: **postgres** -* For PostgreSQL database: `KONG_PG_HOST`, `KONG_PG_PORT`, `KONG_PG_TIMEOUT`, `KONG_PG_USER`, `KONG_PG_PASSWORD`. +- `KONG_DATABASE`: Database type used. Valid values: **postgres** or **off**. Default: **postgres** +- For PostgreSQL database: `KONG_PG_HOST`, `KONG_PG_PORT`, `KONG_PG_TIMEOUT`, `KONG_PG_USER`, `KONG_PG_PASSWORD`. Check the official [Kong Configuration Reference](https://docs.konghq.com/latest/configuration/#environment-variables) for the full list of configurable properties. @@ -185,8 +190,8 @@ The Bitnami Kong Docker image is designed to be extended so it can be used as th Before extending this image, please note it is possible there are certain ways you can configure Kong using the original: -* [Configuring Kong via environment variables](#configuration). -* [Changing the 'kong.conf' file](#full-configuration). +- [Configuring Kong via environment variables](#configuration). +- [Changing the 'kong.conf' file](#full-configuration). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -198,10 +203,10 @@ FROM bitnami/kong Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Kong configuration file -* Modify the ports used by Kong -* Change the user that runs the container +- Install the `vim` editor +- Modify the Kong configuration file +- Modify the ports used by Kong +- Change the user that runs the container ```Dockerfile FROM bitnami/kong @@ -229,8 +234,8 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Configure Kong via environment variables -* Override the entire `kong.conf` configuration file +- Configure Kong via environment variables +- Override the entire `kong.conf` configuration file ```yaml version: '2' diff --git a/bitnami/kserve-agent/README.md b/bitnami/kserve-agent/README.md index 09aa5794c375..aed3e1628b9b 100644 --- a/bitnami/kserve-agent/README.md +++ b/bitnami/kserve-agent/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-agent bitnami/kserve-agent:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe Agent in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-agent bitnami/kserve-agent:latest -- --help ``` -Check the [official KServe Agent documentation](https://kserve.github.io/website for more information. +Check the [official KServe Agent documentation]( for more information. ## Contributing diff --git a/bitnami/kserve-controller/README.md b/bitnami/kserve-controller/README.md index 63943de0fa12..b0227a0fe7ce 100644 --- a/bitnami/kserve-controller/README.md +++ b/bitnami/kserve-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-controller bitnami/kserve-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-controller bitnami/kserve-controller:latest -- --help ``` -Check the [official KServe documentation](https://kserve.github.io/website for more information. +Check the [official KServe documentation]( for more information. ## Contributing diff --git a/bitnami/kserve-localmodel-controller/README.md b/bitnami/kserve-localmodel-controller/README.md index ac3a1b8655f0..88b9c6fb64e7 100644 --- a/bitnami/kserve-localmodel-controller/README.md +++ b/bitnami/kserve-localmodel-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-localmodel-controller bitnami/kserve-localmodel-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe Local Model Node Agent in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-localmodel-controller bitnami/kserve-localmodel-controller:latest -- --help ``` -Check the [official KServe Local Model Node Agent documentation](https://kserve.github.io/website for more information. +Check the [official KServe Local Model Node Agent documentation]( for more information. ## Contributing diff --git a/bitnami/kserve-localmodelnode-agent/README.md b/bitnami/kserve-localmodelnode-agent/README.md index 326e1ea2a529..160261e04623 100644 --- a/bitnami/kserve-localmodelnode-agent/README.md +++ b/bitnami/kserve-localmodelnode-agent/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-localmodelnode-agent bitnami/kserve-localmodelnode-agent:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe Local Model Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-localmodelnode-agent bitnami/kserve-localmodelnode-agent:latest -- --help ``` -Check the [official KServe Local Model Controller documentation](https://kserve.github.io/website for more information. +Check the [official KServe Local Model Controller documentation]( for more information. ## Contributing diff --git a/bitnami/kserve-router/README.md b/bitnami/kserve-router/README.md index de1d8043b9bf..acdcc4d1989b 100644 --- a/bitnami/kserve-router/README.md +++ b/bitnami/kserve-router/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-router bitnami/kserve-router:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe Router in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-router bitnami/kserve-router:latest -- --help ``` -Check the [official KServe Router documentation](https://kserve.github.io/website for more information. +Check the [official KServe Router documentation]( for more information. ## Contributing diff --git a/bitnami/kserve-storage-initializer/README.md b/bitnami/kserve-storage-initializer/README.md index e98785e9d076..abe0750a76bc 100644 --- a/bitnami/kserve-storage-initializer/README.md +++ b/bitnami/kserve-storage-initializer/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-storage-initializer bitnami/kserve-storage-initializer:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KServe Storage Initializer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name kserve-storage-initializer bitnami/kserve-storage-initializer:latest -- --help ``` -Check the [official KServe Storage Initializer documentation](https://kserve.github.io/website for more information. +Check the [official KServe Storage Initializer documentation]( for more information. ## Contributing diff --git a/bitnami/ksql/7.5/README.md b/bitnami/ksql/7.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ksql/7.5/README.md +++ b/bitnami/ksql/7.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ksql/7.6/README.md b/bitnami/ksql/7.6/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ksql/7.6/README.md +++ b/bitnami/ksql/7.6/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ksql/7.7/README.md b/bitnami/ksql/7.7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ksql/7.7/README.md +++ b/bitnami/ksql/7.7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ksql/7.8/README.md b/bitnami/ksql/7.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ksql/7.8/README.md +++ b/bitnami/ksql/7.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ksql/7.9/README.md b/bitnami/ksql/7.9/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ksql/7.9/README.md +++ b/bitnami/ksql/7.9/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ksql/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/ksql/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/ksql/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/ksql/README.md b/bitnami/ksql/README.md index 58819d7a3436..a768918705d4 100644 --- a/bitnami/ksql/README.md +++ b/bitnami/ksql/README.md @@ -12,23 +12,28 @@ docker run --name ksql bitnami/ksql:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ksql in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker build -t bitnami/APP:latest . ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kube-arangodb/README.md b/bitnami/kube-arangodb/README.md index 826b3df5a85a..42c0b7f4d045 100644 --- a/bitnami/kube-arangodb/README.md +++ b/bitnami/kube-arangodb/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kube-arangodb bitnami/kube-arangodb:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ArangoDB Kubernetes Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/kube-rbac-proxy/README.md b/bitnami/kube-rbac-proxy/README.md index 343e3072bbaa..cb25b019c754 100644 --- a/bitnami/kube-rbac-proxy/README.md +++ b/bitnami/kube-rbac-proxy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kube-rbac-proxy bitnami/kube-rbac-proxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kube RBAC Proxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official Kube RBAC Proxy documentation](https://github.com/brancz/kub ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kube-state-metrics/README.md b/bitnami/kube-state-metrics/README.md index 96df6d8b0d77..a402aeb83ae0 100644 --- a/bitnami/kube-state-metrics/README.md +++ b/bitnami/kube-state-metrics/README.md @@ -11,14 +11,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy Kube-state-metrics on your [Kubernetes cluster](https://github.com/kubernetes/kube-state-metrics/tree/master/docs). +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kube State Metrics in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -26,12 +37,6 @@ Looking to use Kube State Metrics in production? Try [VMware Tanzu Application C Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -68,19 +73,19 @@ docker build -t bitnami/APP:latest . Resource usage changes with the size of the cluster. As a general rule, you should allocate -* 200MiB memory -* 0.1 cores +- 200MiB memory +- 0.1 cores For clusters of more than 100 nodes, allocate at least -* 2MiB memory per node -* 0.001 cores per node +- 2MiB memory per node +- 0.001 cores per node ## Notable Changes ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kubectl/1.31/README.md b/bitnami/kubectl/1.31/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kubectl/1.31/README.md +++ b/bitnami/kubectl/1.31/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kubectl/1.32/README.md b/bitnami/kubectl/1.32/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kubectl/1.32/README.md +++ b/bitnami/kubectl/1.32/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kubectl/README.md b/bitnami/kubectl/README.md index b473aff521dc..e1069ddb4cf5 100644 --- a/bitnami/kubectl/README.md +++ b/bitnami/kubectl/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubectl bitnami/kubectl:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kubectl in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -84,7 +89,7 @@ docker run --rm --name kubectl -v /path/to/your/kube/config:/.kube/config bitnam ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kuberay-apiserver/README.md b/bitnami/kuberay-apiserver/README.md index 8e20ec2a0928..7af845f40429 100644 --- a/bitnami/kuberay-apiserver/README.md +++ b/bitnami/kuberay-apiserver/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kuberay-apiserver bitnami/kuberay-apiserver ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KubeRay API Server in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official KubeRay API Server documentation](https://ray.io) for more i ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kuberay-operator/README.md b/bitnami/kuberay-operator/README.md index 4b7107211671..72406aef89bb 100644 --- a/bitnami/kuberay-operator/README.md +++ b/bitnami/kuberay-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kuberay-operator bitnami/kuberay-operator ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use KubeRay in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official KubeRay documentation](https://ray.io) for more information ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kuberay). +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. For production-ready deployments, we highly recommend utilizing its associated [Bitnami Helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kuberay). ## Contributing diff --git a/bitnami/kubernetes-event-exporter/README.md b/bitnami/kubernetes-event-exporter/README.md index 1ac7fc3b4acb..e31aa70d8f85 100644 --- a/bitnami/kubernetes-event-exporter/README.md +++ b/bitnami/kubernetes-event-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubernetes-event-exporter bitnami/kubernetes-event-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kubernetes Event Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ You can configure the containers [logging driver](https://docs.docker.com/engine ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/kubescape/3.0.3/README.md b/bitnami/kubescape/3.0.3/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/kubescape/3.0.3/README.md +++ b/bitnami/kubescape/3.0.3/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/kubescape/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kubescape/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/kubescape/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/kubescape/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/kubescape/README.md b/bitnami/kubescape/README.md index f7c0b5520357..a0e5ca4b8547 100644 --- a/bitnami/kubescape/README.md +++ b/bitnami/kubescape/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubescape bitnami/kubescape:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kubescape in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/laravel/11/README.md b/bitnami/laravel/11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/laravel/11/README.md +++ b/bitnami/laravel/11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/laravel/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/laravel/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/laravel/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/laravel/12/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/laravel/README.md b/bitnami/laravel/README.md index 58fff8154f34..b7bca5d5e67c 100644 --- a/bitnami/laravel/README.md +++ b/bitnami/laravel/README.md @@ -16,23 +16,28 @@ mkdir ~/myapp && cd ~/myapp docker run --name laravel -v ${PWD}/my-project:/app bitnami/laravel:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Laravel in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -134,7 +139,7 @@ where `` is the command you want to launch inside the container. ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing @@ -144,17 +149,17 @@ We'd love for you to contribute to this container. You can request new features We want to thank the following individuals for reporting vulnerabilities responsibly and helping improve the security of this container. -* [LEI WANG](https://github.com/ssst0n3): APP_KEY fixed into the docker image +- [LEI WANG](https://github.com/ssst0n3): APP_KEY fixed into the docker image ## Issues If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new). Be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/logstash/7/README.md b/bitnami/logstash/7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/logstash/7/README.md +++ b/bitnami/logstash/7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/logstash/8/README.md b/bitnami/logstash/8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/logstash/8/README.md +++ b/bitnami/logstash/8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/logstash/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/logstash/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/logstash/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/logstash/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/logstash/README.md b/bitnami/logstash/README.md index 73803907643d..1743e747c1af 100644 --- a/bitnami/logstash/README.md +++ b/bitnami/logstash/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name logstash bitnami/logstash:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Logstash in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -295,7 +300,7 @@ docker run --name logstash bitnami/logstash:latest ### 7.15.2-debian-10-r12 -* Pipeline configuration files (i.e. `default_config.conf`) are being added into the `/opt/bitnami/logstash/pipeline` directory, instead of `/opt/bitnami/logstash/config`. Subsequently, `LOGSTASH_CONF_FILENAME` was renamed to `LOGSTASH_PIPELINE_CONF_FILENAME`, and `LOGSTASH_CONF_STRING` was renamed to `LOGSTASH_PIPELINE_CONF_STRING`. +- Pipeline configuration files (i.e. `default_config.conf`) are being added into the `/opt/bitnami/logstash/pipeline` directory, instead of `/opt/bitnami/logstash/config`. Subsequently, `LOGSTASH_CONF_FILENAME` was renamed to `LOGSTASH_PIPELINE_CONF_FILENAME`, and `LOGSTASH_CONF_STRING` was renamed to `LOGSTASH_PIPELINE_CONF_STRING`. ## Using `docker-compose.yaml` diff --git a/bitnami/mariadb-galera/10.11/README.md b/bitnami/mariadb-galera/10.11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb-galera/10.11/README.md +++ b/bitnami/mariadb-galera/10.11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb-galera/10.6/README.md b/bitnami/mariadb-galera/10.6/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb-galera/10.6/README.md +++ b/bitnami/mariadb-galera/10.6/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb-galera/11.4/README.md b/bitnami/mariadb-galera/11.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb-galera/11.4/README.md +++ b/bitnami/mariadb-galera/11.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb-galera/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mariadb-galera/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mariadb-galera/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mariadb-galera/README.md b/bitnami/mariadb-galera/README.md index 783b44d4714f..e442484af2b0 100644 --- a/bitnami/mariadb-galera/README.md +++ b/bitnami/mariadb-galera/README.md @@ -17,14 +17,25 @@ docker run --name mariadb \ **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MariaDB Galera in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -36,12 +47,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links > NOTE: Debian 9 and Oracle Linux 7 images have been deprecated in favor of Debian 10 images. Bitnami will not longer publish new Docker images based on Debian 9 or Oracle Linux 7. @@ -278,7 +283,7 @@ Take into account those scripts are treated differently depending on the extensi Passing extra command-line flags to the mysqld service command is possible through the following env var: -* `MARIADB_EXTRA_FLAGS`: Flags to be appended to the startup command. No defaults +- `MARIADB_EXTRA_FLAGS`: Flags to be appended to the startup command. No defaults ```console docker run --name mariadb \ @@ -302,15 +307,15 @@ services: It is possible to configure the character set and collation used by default by the database with the following environment variables: -* `MARIADB_CHARACTER_SET`: The default character set to use. Default: `utf8` -* `MARIADB_COLLATE`: The default collation to use. Default: `utf8_general_ci` +- `MARIADB_CHARACTER_SET`: The default character set to use. Default: `utf8` +- `MARIADB_COLLATE`: The default collation to use. Default: `utf8_general_ci` ### Setting the root password on first run The root user and password can easily be setup with the Bitnami MariaDB Galera Docker image using the following environment variables: -* `MARIADB_ROOT_USER`: The database admin user. Defaults to `root`. -* `MARIADB_ROOT_PASSWORD`: The database admin user password. No defaults. +- `MARIADB_ROOT_USER`: The database admin user. Defaults to `root`. +- `MARIADB_ROOT_PASSWORD`: The database admin user password. No defaults. Passing the `MARIADB_ROOT_PASSWORD` environment variable when running the image for the first time will set the password of the `MARIADB_ROOT_USER` user to the value of `MARIADB_ROOT_PASSWORD`. @@ -410,17 +415,17 @@ services: LDAP configuration parameters must be specified if you wish to enable LDAP support for your MariaDB Galera cluster. The following environment variables are available to configure LDAP support: -* `MARIADB_ENABLE_LDAP`: Whether to enable LDAP authentication. Defaults to `no`. -* `LDAP_URI`: LDAP URL beginning in the form `ldap[s]:/:`. No defaults. -* `LDAP_BASE`: LDAP base DN. No defaults. -* `LDAP_BIND_DN`: LDAP bind DN. No defaults. -* `LDAP_BIND_PASSWORD`: LDAP bind password. No defaults. -* `LDAP_BASE_LOOKUP`: LDAP base lookup (Optional). No defaults. -* `LDAP_NSS_INITGROUPS_IGNOREUSERS`: LDAP ignored users. Defaults to `root,nslcd`. -* `LDAP_SCOPE`: LDAP search scope (Optional). No defaults. -* `LDAP_SEARCH_FILTER`: LDAP search filter on posix users (Optional). No defaults. -* `LDAP_SEARCH_MAP`: LDAP custom search attribute to be looked up on posix users (Optional). No defaults. -* `LDAP_TLS_REQCERT`: LDAP TLS check on server certificates (Optional). No defaults. +- `MARIADB_ENABLE_LDAP`: Whether to enable LDAP authentication. Defaults to `no`. +- `LDAP_URI`: LDAP URL beginning in the form `ldap[s]:/:`. No defaults. +- `LDAP_BASE`: LDAP base DN. No defaults. +- `LDAP_BIND_DN`: LDAP bind DN. No defaults. +- `LDAP_BIND_PASSWORD`: LDAP bind password. No defaults. +- `LDAP_BASE_LOOKUP`: LDAP base lookup (Optional). No defaults. +- `LDAP_NSS_INITGROUPS_IGNOREUSERS`: LDAP ignored users. Defaults to `root,nslcd`. +- `LDAP_SCOPE`: LDAP search scope (Optional). No defaults. +- `LDAP_SEARCH_FILTER`: LDAP search filter on posix users (Optional). No defaults. +- `LDAP_SEARCH_MAP`: LDAP custom search attribute to be looked up on posix users (Optional). No defaults. +- `LDAP_TLS_REQCERT`: LDAP TLS check on server certificates (Optional). No defaults. #### Step 1: Start MariaDB Galera with LDAP support @@ -468,10 +473,10 @@ Refer to the [OpenLDAP Administrator's Guide](https://www.openldap.org/doc/admin To secure the traffic you must mount the certificates files and set the following environment variables in all the cluster members: -* `MARIADB_ENABLE_TLS`: Whether to enable TLS for traffic. Defaults to `no`. -* `MARIADB_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `MARIADB_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `MARIADB_TLS_CA_FILE`: File containing the CA of the certificate. No defaults. +- `MARIADB_ENABLE_TLS`: Whether to enable TLS for traffic. Defaults to `no`. +- `MARIADB_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `MARIADB_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `MARIADB_TLS_CA_FILE`: File containing the CA of the certificate. No defaults. #### Start MariaDB Galera with secured traffic @@ -503,14 +508,14 @@ docker run -it --rm \ A **zero downtime** MariaDB Galera [replication](https://dev.mysql.com/doc/refman/5.7/en/server-option-variable-reference.html) cluster can easily be setup with the Bitnami MariaDB Galera Docker image by starting additional MariaDB Galera nodes. The following environment variables are available to configure the cluster: -* `MARIADB_GALERA_CLUSTER_BOOTSTRAP`: Whether node is first node of the cluster. No defaults. -* `MARIADB_GALERA_CLUSTER_NAME`: Galera cluster name. Default to `galera`. -* `MARIADB_GALERA_CLUSTER_ADDRESS`: Galera cluster address to join. Defaults to `gcomm://` on a bootstrap node. -* `MARIADB_GALERA_NODE_ADDRESS`: Node address to report to the Galera cluster. Defaults to eth0 address inside container. -* `MARIADB_GALERA_MARIABACKUP_USER`: [mariabackup](https://mariadb.com/kb/en/library/mariabackup-overview/) username for [State Snapshot Transfer(SST)](https://galeracluster.com/library/documentation/glossary.html#term-state-snapshot-transfer). Defaults to `mariabackup`. -* `MARIADB_GALERA_MARIABACKUP_PASSWORD`: [mariabackup](https://mariadb.com/kb/en/library/mariabackup-overview/) password for SST. No defaults. -* `MARIADB_REPLICATION_USER`: mariadb replication username. Defaults to `monitor`. -* `MARIADB_REPLICATION_PASSWORD`: mariadb replication user password. Defaults to `monitor`. +- `MARIADB_GALERA_CLUSTER_BOOTSTRAP`: Whether node is first node of the cluster. No defaults. +- `MARIADB_GALERA_CLUSTER_NAME`: Galera cluster name. Default to `galera`. +- `MARIADB_GALERA_CLUSTER_ADDRESS`: Galera cluster address to join. Defaults to `gcomm://` on a bootstrap node. +- `MARIADB_GALERA_NODE_ADDRESS`: Node address to report to the Galera cluster. Defaults to eth0 address inside container. +- `MARIADB_GALERA_MARIABACKUP_USER`: [mariabackup](https://mariadb.com/kb/en/library/mariabackup-overview/) username for [State Snapshot Transfer(SST)](https://galeracluster.com/library/documentation/glossary.html#term-state-snapshot-transfer). Defaults to `mariabackup`. +- `MARIADB_GALERA_MARIABACKUP_PASSWORD`: [mariabackup](https://mariadb.com/kb/en/library/mariabackup-overview/) password for SST. No defaults. +- `MARIADB_REPLICATION_USER`: mariadb replication username. Defaults to `monitor`. +- `MARIADB_REPLICATION_PASSWORD`: mariadb replication user password. Defaults to `monitor`. In a MariaDB Galera cluster the first node should be a bootstrap node (started with `MARIADB_GALERA_CLUSTER_BOOTSTRAP=yes`). The other nodes in the cluster should not be started with this environment variable, instead the `MARIADB_GALERA_CLUSTER_ADDRESS` variable should be specified. All the nodes in the MariaDB Galera cluster are in read-write mode and therefore offers high availability for high traffic applications. @@ -622,7 +627,7 @@ The Bitnami MariaDB Galera Docker image is designed to be extended so it can be Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by MariaDB, by setting the environment variables `MARIADB_PORT_NUMBER` or the character set using `MARIADB_CHARACTER_SET` respectively. +- Settings that can be adapted using environment variables. For instance, you can change the ports used by MariaDB, by setting the environment variables `MARIADB_PORT_NUMBER` or the character set using `MARIADB_CHARACTER_SET` respectively. If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -634,10 +639,10 @@ FROM bitnami/mariadb-galera Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the MariaDB configuration file -* Modify the ports used by MariaDB -* Change the user that runs the container +- Install the `vim` editor +- Modify the MariaDB configuration file +- Modify the ports used by MariaDB +- Change the user that runs the container ```Dockerfile FROM bitnami/mariadb-galera @@ -663,7 +668,7 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom configuration +- Add a custom configuration ```yaml version: '2' @@ -764,31 +769,31 @@ docker-compose up mariadb ## Useful Links -* [Create An AMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-amp-environment-containers/) -* [Create An EMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) +- [Create An AMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-amp-environment-containers/) +- [Create An EMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) ## Notable Changes ### 10.2.41-debian-10-r11, 10.3.32-debian-10-r11, 10.4.22-debian-10-r11, 10.5.13-debian-10-r10, 10.6.5-debian-10-r10, 10.3.38-r6-debian-11, 10.4.28-r6-debian-11, 10.5.19-r5-debian-11, 10.6.12-r5-debian-11, 10.7.8-r5-debian-11, 10.8.7-r5-debian-11, 10.9.5-r5-debian-11 and 10.10.3-r5-debian-11 -* The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. +- The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. ### 10.4.13-debian-10-r12, 10.3.23-debian-10-r14, 10.2.32-debian-10-r14 and 10.1.45-debian-10-r15 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. ### 10.4.12-debian-10-r53, 10.3.22-debian-10-r54, 10.2.31-debian-10-r53, and 10.1.44-debian-10-r53 -* The MariaDB Galera container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user, and the MySQL daemon was started as the `mysql` user. From now on, both the container and the MySQL daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. -* Consequences: - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the data site by creating a backup of the databse, and restoring it on a new MariaDB Galera container. In the link below you can find a guide that explain the whole process: - * [Create And Restore MySQL/MariaDB Backups](https://docs.bitnami.com/general/infrastructure/mariadb/administration/backup-restore-mysql-mariadb/) -* Environment variables related to LDAP configuration were renamed removing the `MARIADB_` prefix. For instance, to indicate the LDAP URI to use, you must set `LDAP_URI` instead of `MARIADB_LDAP_URI`. +- The MariaDB Galera container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user, and the MySQL daemon was started as the `mysql` user. From now on, both the container and the MySQL daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- Consequences: + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the data site by creating a backup of the databse, and restoring it on a new MariaDB Galera container. In the link below you can find a guide that explain the whole process: + - [Create And Restore MySQL/MariaDB Backups](https://docs.bitnami.com/general/infrastructure/mariadb/administration/backup-restore-mysql-mariadb/) +- Environment variables related to LDAP configuration were renamed removing the `MARIADB_` prefix. For instance, to indicate the LDAP URI to use, you must set `LDAP_URI` instead of `MARIADB_LDAP_URI`. ### 10.1.43-centos-7-r78, 10.2.30-centos-7-r40, 10.3.21-centos-7-r41, and 10.4.11-centos-7-r32 -* `10.1.43-centos-7-r78`, `10.2.30-centos-7-r40`, `10.3.21-centos-7-r41`, and `10.4.11-centos-7-r32` are considered the latest images based on CentOS. -* Standard supported distros: Debian & OEL. +- `10.1.43-centos-7-r78`, `10.2.30-centos-7-r40`, `10.3.21-centos-7-r41`, and `10.4.11-centos-7-r32` are considered the latest images based on CentOS. +- Standard supported distros: Debian & OEL. ## Using `docker-compose.yaml` diff --git a/bitnami/mariadb/10.11/README.md b/bitnami/mariadb/10.11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb/10.11/README.md +++ b/bitnami/mariadb/10.11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb/10.6/README.md b/bitnami/mariadb/10.6/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb/10.6/README.md +++ b/bitnami/mariadb/10.6/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb/11.4/README.md b/bitnami/mariadb/11.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mariadb/11.4/README.md +++ b/bitnami/mariadb/11.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mariadb/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mariadb/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mariadb/11.8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mariadb/README.md b/bitnami/mariadb/README.md index 93c87abc094e..b7218122fc3e 100644 --- a/bitnami/mariadb/README.md +++ b/bitnami/mariadb/README.md @@ -15,14 +15,25 @@ docker run --name mariadb -e ALLOW_EMPTY_PASSWORD=yes bitnami/mariadb:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MariaDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -250,7 +255,7 @@ Take into account those scripts are treated differently depending on the extensi Passing extra command-line flags to the mysqld service command is possible through the following env var: -* `MARIADB_EXTRA_FLAGS`: Flags to be appended to the startup command. No defaults +- `MARIADB_EXTRA_FLAGS`: Flags to be appended to the startup command. No defaults ```console docker run --name mariadb -e ALLOW_EMPTY_PASSWORD=yes -e MARIADB_EXTRA_FLAGS='--max-connect-errors=1000 --max_connections=155' bitnami/mariadb:latest @@ -272,16 +277,16 @@ services: It is possible to configure the character set and collation used by default by the database with the following environment variables: -* `MARIADB_CHARACTER_SET`: The default character set to use. Default: `utf8` -* `MARIADB_COLLATE`: The default collation to use. Default: `utf8_general_ci` +- `MARIADB_CHARACTER_SET`: The default character set to use. Default: `utf8` +- `MARIADB_COLLATE`: The default collation to use. Default: `utf8_general_ci` ### Setting the root password on first run The root user and password can easily be setup with the Bitnami MariaDB Docker image using the following environment variables: -* `MARIADB_ROOT_USER`: The database admin user. Defaults to `root`. -* `MARIADB_ROOT_PASSWORD`: The database admin user password. No defaults. -* `MARIADB_ROOT_PASSWORD_FILE`: Path to a file that contains the admin user password. This will override the value specified in `MARIADB_ROOT_PASSWORD`. No defaults. +- `MARIADB_ROOT_USER`: The database admin user. Defaults to `root`. +- `MARIADB_ROOT_PASSWORD`: The database admin user password. No defaults. +- `MARIADB_ROOT_PASSWORD_FILE`: Path to a file that contains the admin user password. This will override the value specified in `MARIADB_ROOT_PASSWORD`. No defaults. Passing the `MARIADB_ROOT_PASSWORD` environment variable when running the image for the first time will set the password of the `MARIADB_ROOT_USER` user to the value of `MARIADB_ROOT_PASSWORD`. @@ -402,8 +407,8 @@ services: By default MariaDB doesn't enable [slow query log](https://mariadb.com/kb/en/slow-query-log-overview/) to record the SQL queries that take a long time to perform. You can modify these settings using the following environment variables: -* `MARIADB_ENABLE_SLOW_QUERY`: Whether to enable slow query logs. Default: `0` -* `MARIADB_LONG_QUERY_TIME`: How much time, in seconds, defines a slow query. Default: `10.0` +- `MARIADB_ENABLE_SLOW_QUERY`: Whether to enable slow query logs. Default: `0` +- `MARIADB_LONG_QUERY_TIME`: How much time, in seconds, defines a slow query. Default: `10.0` Slow queries information is logged to the `/-slow.log` file by default, and you can easily check it with the `mysqldumpslow` tool ([link to docs](https://mariadb.com/kb/en/mysqldumpslow/)): @@ -434,16 +439,16 @@ In some platforms, the filesystem used for persistence could be slow. That could A **zero downtime** MariaDB master-slave [replication](https://dev.mysql.com/doc/refman/5.7/en/server-option-variable-reference.html) cluster can easily be setup with the Bitnami MariaDB Docker image using the following environment variables: -* `MARIADB_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. -* `MARIADB_REPLICATION_USER`: The replication user created on the master on first run. No defaults. -* `MARIADB_REPLICATION_PASSWORD`: The replication users password. No defaults. -* `MARIADB_REPLICATION_PASSWORD_FILE`: Path to a file that contains the replication user password. This will override the value specified in `MARIADB_REPLICATION_PASSWORD`. No defaults. -* `MARIADB_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. -* `MARIADB_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `3306`. -* `MARIADB_MASTER_ROOT_USER`: User on replication master with access to `MARIADB_DATABASE` (slave parameter). Defaults to `root` -* `MARIADB_MASTER_ROOT_PASSWORD`: Password of user on replication master with access to `MARIADB_DATABASE` (slave parameter). No defaults. -* `MARIADB_MASTER_ROOT_PASSWORD_FILE`: Path to a file that contains the password of user on replication master with access to `MARIADB_DATABASE`. This will override the value specified in `MARIADB_MASTER_ROOT_PASSWORD`. No defaults. -* `MARIADB_MASTER_DELAY`: The database replication delay (slave parameter). Defaults to `0`. +- `MARIADB_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. +- `MARIADB_REPLICATION_USER`: The replication user created on the master on first run. No defaults. +- `MARIADB_REPLICATION_PASSWORD`: The replication users password. No defaults. +- `MARIADB_REPLICATION_PASSWORD_FILE`: Path to a file that contains the replication user password. This will override the value specified in `MARIADB_REPLICATION_PASSWORD`. No defaults. +- `MARIADB_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. +- `MARIADB_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `3306`. +- `MARIADB_MASTER_ROOT_USER`: User on replication master with access to `MARIADB_DATABASE` (slave parameter). Defaults to `root` +- `MARIADB_MASTER_ROOT_PASSWORD`: Password of user on replication master with access to `MARIADB_DATABASE` (slave parameter). No defaults. +- `MARIADB_MASTER_ROOT_PASSWORD_FILE`: Path to a file that contains the password of user on replication master with access to `MARIADB_DATABASE`. This will override the value specified in `MARIADB_MASTER_ROOT_PASSWORD`. No defaults. +- `MARIADB_MASTER_DELAY`: The database replication delay (slave parameter). Defaults to `0`. In a replication cluster you can have one master and zero or more slaves. When replication is enabled the master node is in read-write mode, while the slaves are in read-only mode. For best performance its advisable to limit the reads to the slaves. @@ -586,7 +591,7 @@ The Bitnami MariaDB Docker image is designed to be extended so it can be used as Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by MariaDB, by setting the environment variables `MARIADB_PORT_NUMBER` or the character set using `MARIADB_CHARACTER_SET` respectively. +- Settings that can be adapted using environment variables. For instance, you can change the ports used by MariaDB, by setting the environment variables `MARIADB_PORT_NUMBER` or the character set using `MARIADB_CHARACTER_SET` respectively. If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -598,10 +603,10 @@ FROM bitnami/mariadb Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the MariaDB configuration file -* Modify the ports used by MariaDB -* Change the user that runs the container +- Install the `vim` editor +- Modify the MariaDB configuration file +- Modify the ports used by MariaDB +- Change the user that runs the container ```Dockerfile FROM bitnami/mariadb @@ -627,7 +632,7 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom configuration +- Add a custom configuration ```yaml version: '2' @@ -730,31 +735,31 @@ docker-compose up mariadb ## Useful Links -* [Create An AMP Development Environment With Bitnami Containers +- [Create An AMP Development Environment With Bitnami Containers ](https://docs.bitnami.com/containers/how-to/create-amp-environment-containers/) -* [Create An EMP Development Environment With Bitnami Containers +- [Create An EMP Development Environment With Bitnami Containers ](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) ## Notable Changes ### 10.4.34-debian-12-r4, 10.5.25-debian-12-r4, 10.6.18-debian-12-r4, 10.11.8-debian-12-r4, 11.1.5-debian-12-r4, 11.2.4-debian-12-r3, 11.3.2-debian-12-r8 -* `mysql_upgrade` can be forced at startup setting the env var `MARIADB_UPGRADE` to `FORCE`. +- `mysql_upgrade` can be forced at startup setting the env var `MARIADB_UPGRADE` to `FORCE`. ### 10.2.41-debian-10-r12, 10.3.32-debian-10-r13, 10.4.22-debian-10-r13, 10.5.13-debian-10-r14, 10.6.5-debian-10-r13, 10.3.38-debian-11-r5, 10.4.28-debian-11-r5, 10.5.19-debian-11-r5, 10.6.12-debian-11-r5, 10.7.8-debian-11-r5, 10.8.7-debian-11-r5, 10.9.5-debian-11-r5 and 10.10.3-debian-11-r6 -* The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. +- The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. ### 10.4.13-debian-10-r12, 10.3.23-debian-10-r14, 10.2.32-debian-10-r14 and 10.1.45-debian-10-r15 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. ### 10.1.36-r14 and 10.2.27-r36 -* Decrease the size of the container. It is not necessary Node.js anymore. MariaDB configuration moved to bash scripts in the `rootfs/` folder. -* The recommended mount point to persist data changes to `/bitnami/mariadb`. -* The MariaDB configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/mariadb/conf`. -* Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: +- Decrease the size of the container. It is not necessary Node.js anymore. MariaDB configuration moved to bash scripts in the `rootfs/` folder. +- The recommended mount point to persist data changes to `/bitnami/mariadb`. +- The MariaDB configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/mariadb/conf`. +- Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: ```console $ docker-compose down @@ -767,34 +772,34 @@ $ docker-compose up -d ### 10.1.28-r2 and 10.2.16-r2 -* The MariaDB container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MariaDB daemon was started as the `mysql` user. From now on, both the container and the MariaDB daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The MariaDB container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MariaDB daemon was started as the `mysql` user. From now on, both the container and the MariaDB daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 10.2.14-r2 and 10.1.32-r1 -* The mariadb conf file is not in a persistent volume by default. +- The mariadb conf file is not in a persistent volume by default. -* The user is able to specify a custom file in the default location '/opt/bitnami/mariadb/conf/my.cnf'. +- The user is able to specify a custom file in the default location '/opt/bitnami/mariadb/conf/my.cnf'. ### 10.1.28-r2 -* The mariadb container has been migrated to a non-root container approach. Previously the container run as root user and the mariadb daemon was started as mysql user. From now own, both the container and the mariadb daemon run as user 1001. As a consequence, the configuration files are writable by the user running the mariadb process. +- The mariadb container has been migrated to a non-root container approach. Previously the container run as root user and the mariadb daemon was started as mysql user. From now own, both the container and the mariadb daemon run as user 1001. As a consequence, the configuration files are writable by the user running the mariadb process. ### 10.1.24-r2 -* `VOLUME` instruction has been removed from the `Dockerfile`. +- `VOLUME` instruction has been removed from the `Dockerfile`. ### 10.1.21-r2 -* `MARIADB_MASTER_USER` has been renamed to `MARIADB_MASTER_ROOT_USER` -* `MARIADB_MASTER_PASSWORD` has been renamed to `MARIADB_MASTER_ROOT_PASSWORD` -* `MARIADB_ROOT_USER` has been added to the available env variables. It can be used to specify the admin user. -* `ALLOW_EMPTY_PASSWORD` has been added to the available env variables. It can be used to allow blank passwords for MariaDB. -* By default the MariaDB image requires a root password to start. You can specify it using the `MARIADB_ROOT_PASSWORD` env variable or disable this requirement by setting the `ALLOW_EMPTY_PASSWORD` env variable to `yes` (testing or development scenarios). +- `MARIADB_MASTER_USER` has been renamed to `MARIADB_MASTER_ROOT_USER` +- `MARIADB_MASTER_PASSWORD` has been renamed to `MARIADB_MASTER_ROOT_PASSWORD` +- `MARIADB_ROOT_USER` has been added to the available env variables. It can be used to specify the admin user. +- `ALLOW_EMPTY_PASSWORD` has been added to the available env variables. It can be used to allow blank passwords for MariaDB. +- By default the MariaDB image requires a root password to start. You can specify it using the `MARIADB_ROOT_PASSWORD` env variable or disable this requirement by setting the `ALLOW_EMPTY_PASSWORD` env variable to `yes` (testing or development scenarios). ### 10.1.13-r0 -* All volumes have been merged at `/bitnami/mariadb`. Now you only need to mount a single volume at `/bitnami/mariadb` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/mariadb`. Now you only need to mount a single volume at `/bitnami/mariadb` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/mastodon/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mastodon/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mastodon/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mastodon/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mastodon/README.md b/bitnami/mastodon/README.md index 878b55a1c3a0..339b1523f744 100644 --- a/bitnami/mastodon/README.md +++ b/bitnami/mastodon/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name mastodon bitnami/mastodon ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Mastodon in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -176,7 +181,7 @@ docker-compose up mastodon When you start the Mastodon image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. Please note that some variables are only considered when the container is started for the first time. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/mastodon/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/mastodon/docker-compose.yml) file present in this repository: ```yaml mastodon-api: @@ -186,7 +191,7 @@ When you start the Mastodon image, you can adjust the configuration of the insta ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name mastodon-api -p 80:8080 -p 443:8443 \ @@ -205,9 +210,9 @@ In addition to the official environment variables, the Bitnami Mastodon image ad Mastodon supports three running modes: -* Web: The Mastodon web frontend. It is the essential functional element of Mastodon. -* Streaming: Necessary for performing real-time interactions inside Mastodon. -* Sidekiq: Performs background operations like sending emails. +- Web: The Mastodon web frontend. It is the essential functional element of Mastodon. +- Streaming: Necessary for performing real-time interactions inside Mastodon. +- Sidekiq: Performs background operations like sending emails. The running mode is defined via the `MASTODON_MODE` environment variable. The possible values are `web`, `streaming` and `sidekiq`. @@ -215,7 +220,7 @@ The running mode is defined via the `MASTODON_MODE` environment variable. The po The Bitnami Mastodon container supports connecting the Mastodon application to an external database. This would be an example of using an external database for Mastodon. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/mastodon/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/mastodon/docker-compose.yml) file present in this repository: ```diff mastodon: @@ -230,7 +235,7 @@ The Bitnami Mastodon container supports connecting the Mastodon application to a ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name mastodon\ diff --git a/bitnami/matomo/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/matomo/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/matomo/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/matomo/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/matomo/README.md b/bitnami/matomo/README.md index 72b26ffcdb39..42cc29046a39 100644 --- a/bitnami/matomo/README.md +++ b/bitnami/matomo/README.md @@ -16,14 +16,25 @@ docker run --name matomo bitnami/matomo:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Matomo in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -31,12 +42,6 @@ Looking to use Matomo in production? Try [VMware Tanzu Application Catalog](http Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -246,8 +251,8 @@ Bitnami provides up-to-date versions of MariaDB and Matomo, including security p 2. Stop your container - * For docker-compose: `$ docker-compose stop matomo` - * For manual execution: `$ docker stop matomo` + - For docker-compose: `$ docker-compose stop matomo` + - For manual execution: `$ docker stop matomo` 3. Take a snapshot of the application state @@ -261,13 +266,13 @@ Bitnami provides up-to-date versions of MariaDB and Matomo, including security p 4. Remove the currently running container - * For docker-compose: `$ docker-compose rm -v matomo` - * For manual execution: `$ docker rm -v matomo` + - For docker-compose: `$ docker-compose rm -v matomo` + - For manual execution: `$ docker rm -v matomo` 5. Run the new image - * For docker-compose: `$ docker-compose up matomo` - * For manual execution (mount the directories if needed): `docker run --name matomo bitnami/matomo:latest` + - For docker-compose: `$ docker-compose up matomo` + - For manual execution (mount the directories if needed): `docker run --name matomo bitnami/matomo:latest` ## Configuration @@ -327,7 +332,7 @@ When you start the Matomo image, you can adjust the configuration of the instanc If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: ```yaml application: @@ -337,7 +342,7 @@ application: ... ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console docker run -d -e MATOMO_PASSWORD=my_password -p 80:80 --name matomo -v /your/local/path/bitnami/matomo:/bitnami --net=matomo_network bitnami/matomo @@ -347,7 +352,7 @@ application: This would be an example of reverse proxy configuration: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: ```yaml application: @@ -359,7 +364,7 @@ This would be an example of reverse proxy configuration: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name matomo -p 80:80 -p 443:443 \ @@ -379,7 +384,7 @@ This would be an example of reverse proxy configuration: This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/matomo/docker-compose.yml) file present in this repository: ```yaml matomo: @@ -395,7 +400,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console docker run -d --name matomo -p 80:8080 -p 443:8443 \ @@ -418,10 +423,10 @@ The Bitnami Matomo Docker image is designed to be extended so it can be used as Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -433,9 +438,9 @@ FROM bitnami/matomo Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache ```Dockerfile FROM bitnami/matomo @@ -502,11 +507,11 @@ From this version on, all Matomo files are persisted (MATOMO_DATA_TO_PERSIST env ### 3.14.1-debian-10-r82 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* The Matomo container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: - * The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Matomo site by exporting its content, and importing it on a new Matomo container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The Matomo container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: + - The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Matomo site by exporting its content, and importing it on a new Matomo container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. To upgrade a previous Bitnami Matomo container image, which did not support non-root, the easiest way is to start the new image as a root user and updating the port numbers. Modify your docker-compose.yml file as follows: @@ -523,10 +528,10 @@ To upgrade a previous Bitnami Matomo container image, which did not support non- ### 3.9.1-debian-9-r51 and 3.9.1-ol-7-r62 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ## Contributing diff --git a/bitnami/memcached-exporter/README.md b/bitnami/memcached-exporter/README.md index a2317e493000..f34841d76ab6 100644 --- a/bitnami/memcached-exporter/README.md +++ b/bitnami/memcached-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name memcached-exporter bitnami/memcached-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Memcached Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Memcached Exporter in production? Try [VMware Tanzu Application C Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -148,11 +153,11 @@ docker run --name memcached-exporter bitnami/memcached-exporter:latest ### Starting April 22, 2025 -* The `bitnami/memcached-exporter` is now based on scratch, meaning that the container image only contains the memcached_exporter binary and its license files. +- The `bitnami/memcached-exporter` is now based on scratch, meaning that the container image only contains the memcached_exporter binary and its license files. ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/memcached/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/memcached/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/memcached/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/memcached/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/memcached/README.md b/bitnami/memcached/README.md index 73b7b4415f79..7a59c0c57f44 100644 --- a/bitnami/memcached/README.md +++ b/bitnami/memcached/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name memcached bitnami/memcached:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Memcached in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -300,8 +305,8 @@ Refer to the [Memcached man page](https://www.unix.com/man-page/linux/1/memcache In order to load your own SASL configuration file, you will have to make them available to the container. You can do it doing the following: -* Mounting a volume with your custom configuration -* Adding custom configuration via environment variable. +- Mounting a volume with your custom configuration +- Adding custom configuration via environment variable. By default, when authentication is enabled the SASL configuration of Memcached is written to `/opt/bitnami/memcached/sasl2/memcached.conf` file with the following content: @@ -373,26 +378,26 @@ docker-compose up memcached ### 1.5.18-debian-9-r13 and 1.5.19-ol-7-r1 -* Fixes regression in Memcached Authentication introduced in release `1.5.18-debian-9-r6` and `1.5.18-ol-7-r7` (#62). +- Fixes regression in Memcached Authentication introduced in release `1.5.18-debian-9-r6` and `1.5.18-ol-7-r7` (#62). ### 1.5.18-debian-9-r6 and 1.5.18-ol-7-r7 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/ folder. -* Custom SASL configuration should be mounted at `/opt/bitnami/memcached/conf/sasl2/` instead of `/bitnami/memcached/conf/`. -* Password for Memcached admin user can be specified in the content of the file specified in `MEMCACHED_PASSWORD_FILE`. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/ folder. +- Custom SASL configuration should be mounted at `/opt/bitnami/memcached/conf/sasl2/` instead of `/bitnami/memcached/conf/`. +- Password for Memcached admin user can be specified in the content of the file specified in `MEMCACHED_PASSWORD_FILE`. ### 1.5.0-r1 -* The memcached container has been migrated to a non-root container approach. Previously the container run as `root` user and the memcached daemon was started as `memcached` user. From now own, both the container and the memcached daemon run as user `1001`. +- The memcached container has been migrated to a non-root container approach. Previously the container run as `root` user and the memcached daemon was started as `memcached` user. From now own, both the container and the memcached daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the memcached process. ### 1.4.25-r4 -* `MEMCACHED_USER` parameter has been renamed to `MEMCACHED_USERNAME`. +- `MEMCACHED_USER` parameter has been renamed to `MEMCACHED_USERNAME`. ### 1.4.25-r0 -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/metallb-controller/README.md b/bitnami/metallb-controller/README.md index 09a001c4548d..66675493b769 100644 --- a/bitnami/metallb-controller/README.md +++ b/bitnami/metallb-controller/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name metallb-controller bitnami/metallb-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MetalLB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Consult the [metallb Reference Documentation](https://metallb.universe.tf/config ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/metallb-speaker/README.md b/bitnami/metallb-speaker/README.md index 0171f16c1963..55d0c0bcae7d 100644 --- a/bitnami/metallb-speaker/README.md +++ b/bitnami/metallb-speaker/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name metallb-speaker bitnami/metallb-speaker:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MetalLB Speaker in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Consult the [metallb Reference Documentation](https://metallb.universe.tf/config ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/metrics-server/README.md b/bitnami/metrics-server/README.md index 686e79691f4f..b816517cce66 100644 --- a/bitnami/metrics-server/README.md +++ b/bitnami/metrics-server/README.md @@ -15,14 +15,25 @@ Deploy Metrics Server on your [Kubernetes cluster](https://github.com/kubernetes docker run --name metrics-server bitnami/metrics-server:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Metrics Server in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -58,7 +63,7 @@ For further documentation, please check [here](https://github.com/kubernetes-inc ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing @@ -69,11 +74,11 @@ request](https://github.com/bitnami/containers/pulls/new) with your contribution -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/milvus/README.md b/bitnami/milvus/README.md index ac641c1fcadb..d6c84eda5592 100644 --- a/bitnami/milvus/README.md +++ b/bitnami/milvus/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name milvus bitnami/milvus ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Milvus in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Milvus documentation](https://milvus.io/docs/) for more info ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/minio-client/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/minio-client/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/minio-client/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/minio-client/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/minio-client/README.md b/bitnami/minio-client/README.md index f9c17e080126..14d7c5174cc0 100644 --- a/bitnami/minio-client/README.md +++ b/bitnami/minio-client/README.md @@ -13,14 +13,25 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio-client bitnami/minio-client:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Bitnami Object Storage Client based on MinIO® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Bitnami Object Storage Client based on MinIO® in production? Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -132,11 +137,11 @@ docker run --rm --name minio-client \ MinIO(R) Client (`mc`) can be setup so it is already configured to point to a specific MinIO(R) server by providing the environment variables below: -* `MINIO_SERVER_HOST`: MinIO(R) server host. -* `MINIO_SERVER_PORT_NUMBER`: MinIO(R) server port. Default: `9000`. -* `MINIO_SERVER_SCHEME`: MinIO(R) server scheme. Default: `http`. -* `MINIO_SERVER_ACCESS_KEY`: MinIO(R) server Access Key. Must be common on every node. -* `MINIO_SERVER_SECRET_KEY`: MinIO(R) server Secret Key. Must be common on every node. +- `MINIO_SERVER_HOST`: MinIO(R) server host. +- `MINIO_SERVER_PORT_NUMBER`: MinIO(R) server port. Default: `9000`. +- `MINIO_SERVER_SCHEME`: MinIO(R) server scheme. Default: `http`. +- `MINIO_SERVER_ACCESS_KEY`: MinIO(R) server Access Key. Must be common on every node. +- `MINIO_SERVER_SECRET_KEY`: MinIO(R) server Secret Key. Must be common on every node. For instance, use the command below to create a new bucket in the MinIO(R) Server `my.minio.domain`: @@ -155,7 +160,7 @@ Find more information about the client configuration in the [MinIO(R) Client doc ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/minio-object-browser/README.md b/bitnami/minio-object-browser/README.md index ed35e434cf73..2e17faff9acd 100644 --- a/bitnami/minio-object-browser/README.md +++ b/bitnami/minio-object-browser/README.md @@ -13,14 +13,25 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio-object-browser bitnami/minio-object-browser:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Bitnami Console based on MinIO® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Bitnami Console based on MinIO® in production? Try [VMware Ta Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/minio-operator-sidecar/README.md b/bitnami/minio-operator-sidecar/README.md index 86c0a982b8df..840cd2208487 100644 --- a/bitnami/minio-operator-sidecar/README.md +++ b/bitnami/minio-operator-sidecar/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name minio-operator-sidecar bitnami/minio-operator-sidecar:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Storage based on MinIO® Sidecar in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/minio-operator/README.md b/bitnami/minio-operator/README.md index b7d220135baf..8f41fd9a3ebb 100644 --- a/bitnami/minio-operator/README.md +++ b/bitnami/minio-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name minio-operator bitnami/minio-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Storage based on MinIO® Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/minio/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/minio/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/minio/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/minio/2025/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/minio/README.md b/bitnami/minio/README.md index 560761382fac..8120fbb20c21 100644 --- a/bitnami/minio/README.md +++ b/bitnami/minio/README.md @@ -13,14 +13,25 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio bitnami/minio:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Bitnami Object Storage based on MinIO® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -320,10 +325,10 @@ services: You can configure MinIO(R) in Distributed Mode to setup a highly-available storage system. To do so, the environment variables below **must** be set on each node: -* `MINIO_DISTRIBUTED_MODE_ENABLED`: Set it to 'yes' to enable Distributed Mode. -* `MINIO_DISTRIBUTED_NODES`: List of MinIO(R) nodes hosts. Available separators are ' ', ',' and ';'. -* `MINIO_ROOT_USER`: MinIO(R) server root user. Must be common on every node. -* `MINIO_ROOT_PASSWORD`: MinIO(R) server root password. Must be common on every node. +- `MINIO_DISTRIBUTED_MODE_ENABLED`: Set it to 'yes' to enable Distributed Mode. +- `MINIO_DISTRIBUTED_NODES`: List of MinIO(R) nodes hosts. Available separators are ' ', ',' and ';'. +- `MINIO_ROOT_USER`: MinIO(R) server root user. Must be common on every node. +- `MINIO_ROOT_PASSWORD`: MinIO(R) server root password. Must be common on every node. You can use the Docker Compose below to create an 4-node distributed MinIO(R) setup: @@ -536,11 +541,11 @@ We'd love for you to contribute to this Docker image. You can request new featur If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new/choose). For us to provide better support, be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/mlflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mlflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mlflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mlflow/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mlflow/README.md b/bitnami/mlflow/README.md index 035ce74a90db..9e7943115324 100644 --- a/bitnami/mlflow/README.md +++ b/bitnami/mlflow/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name mlflow bitnami/mlflow:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MLflow in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use MLflow in production? Try [VMware Tanzu Application Catalog](http Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker run -it --name mlflow -v /path/to/app:/app bitnami/mlflow \ **Further Reading:** -* [mlflow documentation](https://mlflow.org/docs/) +- [mlflow documentation](https://mlflow.org/docs/) ## Maintenance @@ -126,7 +131,7 @@ docker run --name mlflow bitnami/mlflow:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/mongodb-exporter/README.md b/bitnami/mongodb-exporter/README.md index 5c14ff929f1c..ab324f91c288 100644 --- a/bitnami/mongodb-exporter/README.md +++ b/bitnami/mongodb-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mongodb-exporter bitnami/mongodb-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MongoDB Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use MongoDB Exporter in production? Try [VMware Tanzu Application Cat Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name mongodb-exporter bitnami/mongodb-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/mongodb-sharded/7.0/README.md b/bitnami/mongodb-sharded/7.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mongodb-sharded/7.0/README.md +++ b/bitnami/mongodb-sharded/7.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mongodb-sharded/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mongodb-sharded/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mongodb-sharded/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mongodb-sharded/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mongodb-sharded/README.md b/bitnami/mongodb-sharded/README.md index 498c403c0c71..59faba1d7efd 100644 --- a/bitnami/mongodb-sharded/README.md +++ b/bitnami/mongodb-sharded/README.md @@ -13,14 +13,25 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the docker run --name mongodb bitnami/mongodb-sharded:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MongoDB® Sharded in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -82,7 +87,7 @@ docker run \ or by modifying the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/mongodb-sharded/docker-compose.yml) file present in this repository: -* Create directories to hold the persistence data. At minimum you will need one directory for each mongo instance running in the sharded cluster. For example, that means one directory for mongos, mongocfg and mongoshard. You need to assign read write permission to UID 1001 (ie. mkdir [directory] && chown 1001:1001 [directory] && chmod 777 [directory]) to all directories. +- Create directories to hold the persistence data. At minimum you will need one directory for each mongo instance running in the sharded cluster. For example, that means one directory for mongos, mongocfg and mongoshard. You need to assign read write permission to UID 1001 (ie. mkdir [directory] && chown 1001:1001 [directory] && chmod 777 [directory]) to all directories. ```yaml services: @@ -195,21 +200,21 @@ services: In a sharded cluster, there are [three components](https://docs.mongodb.com/manual/sharding/#sharded-cluster): -* Mongos: Interface between the applications and the sharded database. -* Config Servers: Stores metadata and configuration settings for the sharded database. -* Shards: Contains a subset of the data. +- Mongos: Interface between the applications and the sharded database. +- Config Servers: Stores metadata and configuration settings for the sharded database. +- Shards: Contains a subset of the data. A [sharded cluster](https://docs.mongodb.com/manual/sharding/#sharded-cluster) can easily be setup with the Bitnami MongoDB® Sharded Docker Image using the following environment variables: -* `MONGODB_SHARDING_MODE`: The sharding mode. Possible values: `mongos`/`configsvr`/`shardsvr`. No defaults. -* `MONGODB_REPLICA_SET_NAME`: MongoDB® replica set name. In a sharded cluster we will have multiple replica sets. Default: **replicaset** -* `MONGODB_MONGOS_HOST`: MongoDB® mongos instance host. No defaults. -* `MONGODB_CFG_REPLICA_SET_NAME`: MongoDB® config server replica set name. In a sharded cluster we will have multiple replica sets. Default: **replicaset** -* `MONGODB_CFG_PRIMARY_HOST`: MongoDB® config server primary host. No defaults. -* `MONGODB_ADVERTISED_HOSTNAME`: MongoDB® advertised hostname. No defaults. It is recommended to pass this environment variable if you experience issues with ephemeral IPs. Setting this env var makes the nodes of the replica set to be configured with a hostname instead of the machine IP. -* `MONGODB_REPLICA_SET_KEY`: MongoDB® replica set key. Length should be greater than 5 characters and should not contain any special characters. Required for all nodes in the sharded cluster. No default. -* `MONGODB_ROOT_PASSWORD`: MongoDB® root password. No defaults. -* `MONGODB_REPLICA_SET_MODE`: The replication mode. Possible values `primary`/`secondary`/`arbiter`. No defaults. +- `MONGODB_SHARDING_MODE`: The sharding mode. Possible values: `mongos`/`configsvr`/`shardsvr`. No defaults. +- `MONGODB_REPLICA_SET_NAME`: MongoDB® replica set name. In a sharded cluster we will have multiple replica sets. Default: **replicaset** +- `MONGODB_MONGOS_HOST`: MongoDB® mongos instance host. No defaults. +- `MONGODB_CFG_REPLICA_SET_NAME`: MongoDB® config server replica set name. In a sharded cluster we will have multiple replica sets. Default: **replicaset** +- `MONGODB_CFG_PRIMARY_HOST`: MongoDB® config server primary host. No defaults. +- `MONGODB_ADVERTISED_HOSTNAME`: MongoDB® advertised hostname. No defaults. It is recommended to pass this environment variable if you experience issues with ephemeral IPs. Setting this env var makes the nodes of the replica set to be configured with a hostname instead of the machine IP. +- `MONGODB_REPLICA_SET_KEY`: MongoDB® replica set key. Length should be greater than 5 characters and should not contain any special characters. Required for all nodes in the sharded cluster. No default. +- `MONGODB_ROOT_PASSWORD`: MongoDB® root password. No defaults. +- `MONGODB_REPLICA_SET_MODE`: The replication mode. Possible values `primary`/`secondary`/`arbiter`. No defaults. #### Step 1: Create the config server replica set @@ -398,12 +403,12 @@ docker-compose up mongodb-sharded ### 4.4.8-debian-10-r32, and 5.0.2-debian-10-r0 -* From now on, "Default Write Concern" need to be set before adding new members (secondary, arbiter or hidden) to the cluster. In order to maintain the safest default configuration, `{"setDefaultRWConcern" : 1, "defaultWriteConcern" : {"w" : "majority"}}` is configured before adding new members. See and +- From now on, "Default Write Concern" need to be set before adding new members (secondary, arbiter or hidden) to the cluster. In order to maintain the safest default configuration, `{"setDefaultRWConcern" : 1, "defaultWriteConcern" : {"w" : "majority"}}` is configured before adding new members. See and ### 3.6.16-centos-7-r49, 4.0.14-centos-7-r29, and 4.2.2-centos-7-r41 -* `3.6.16-centos-7-r49`, `4.0.14-centos-7-r29`, and `4.2.2-centos-7-r41` are considered the latest images based on CentOS. -* Standard supported distros: Debian & OEL. +- `3.6.16-centos-7-r49`, `4.0.14-centos-7-r29`, and `4.2.2-centos-7-r41` are considered the latest images based on CentOS. +- Standard supported distros: Debian & OEL. ## Using `docker-compose.yaml` diff --git a/bitnami/mongodb/7.0/README.md b/bitnami/mongodb/7.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mongodb/7.0/README.md +++ b/bitnami/mongodb/7.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mongodb/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mongodb/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mongodb/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mongodb/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mongodb/README.md b/bitnami/mongodb/README.md index 774e3fa0062b..7448957dd63a 100644 --- a/bitnami/mongodb/README.md +++ b/bitnami/mongodb/README.md @@ -13,14 +13,25 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the docker run --name mongodb bitnami/mongodb:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MongoDB® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -254,8 +259,8 @@ In order to have your custom files inside the docker image you can mount them as Passing extra command-line flags to the mongod service command is possible through the following env var: -* `MONGODB_EXTRA_FLAGS`: Flags to be appended to the `mongod` startup command. No defaults -* `MONGODB_CLIENT_EXTRA_FLAGS`: Flags to be appended to the `mongo` command which is used to connect to the (local or remote) `mongod` daemon. No defaults +- `MONGODB_EXTRA_FLAGS`: Flags to be appended to the `mongod` startup command. No defaults +- `MONGODB_CLIENT_EXTRA_FLAGS`: Flags to be appended to the `mongo` command which is used to connect to the (local or remote) `mongod` daemon. No defaults ```console docker run --name mongodb -e ALLOW_EMPTY_PASSWORD=yes -e MONGODB_EXTRA_FLAGS='--wiredTigerCacheSizeGB=2' bitnami/mongodb:latest @@ -277,8 +282,8 @@ services: Configuring the system log verbosity level is possible through the following env vars: -* `MONGODB_DISABLE_SYSTEM_LOG`: Whether to enable/disable system log on MongoDB®. Default: `false`. Possible values: `[true, false]`. -* `MONGODB_SYSTEM_LOG_VERBOSITY`: MongoDB® system log verbosity level. Default: `0`. Possible values: `[0, 1, 2, 3, 4, 5]`. For more information about the verbosity levels please refer to the [MongoDB® documentation](https://docs.mongodb.com/manual/reference/configuration-options/#systemLog.verbosity) +- `MONGODB_DISABLE_SYSTEM_LOG`: Whether to enable/disable system log on MongoDB®. Default: `false`. Possible values: `[true, false]`. +- `MONGODB_SYSTEM_LOG_VERBOSITY`: MongoDB® system log verbosity level. Default: `0`. Possible values: `[0, 1, 2, 3, 4, 5]`. For more information about the verbosity levels please refer to the [MongoDB® documentation](https://docs.mongodb.com/manual/reference/configuration-options/#systemLog.verbosity) ```console docker run --name mongodb -e ALLOW_EMPTY_PASSWORD=yes -e MONGODB_SYSTEM_LOG_VERBOSITY='3' bitnami/mongodb:latest @@ -304,7 +309,7 @@ services: Enabling/disabling IPv6 is possible through the following env var: -* `MONGODB_ENABLE_IPV6`: Whether to enable/disable IPv6 on MongoDB®. Default: `false`. Possible values: `[true, false]` +- `MONGODB_ENABLE_IPV6`: Whether to enable/disable IPv6 on MongoDB®. Default: `false`. Possible values: `[true, false]` To enable IPv6 support, you can execute: @@ -328,7 +333,7 @@ services: Enabling/disabling [directoryPerDB](https://docs.mongodb.com/manual/reference/configuration-options/#storage.directoryPerDB) is possible through the following env var: -* `MONGODB_ENABLE_DIRECTORY_PER_DB`: Whether to enable/disable directoryPerDB on MongoDB®. Default: `true`. Possible values: `[true, false]` +- `MONGODB_ENABLE_DIRECTORY_PER_DB`: Whether to enable/disable directoryPerDB on MongoDB®. Default: `true`. Possible values: `[true, false]` ```console docker run --name mongodb -e ALLOW_EMPTY_PASSWORD=yes -e MONGODB_ENABLE_DIRECTORY_PER_DB=yes bitnami/mongodb:latest @@ -350,7 +355,7 @@ services: Enabling/disabling [journal](https://docs.mongodb.com/manual/reference/configuration-options/#mongodb-setting-storage.journal.enabled) is possible through the following env var: -* `MONGODB_ENABLE_JOURNAL`: Whether to enable/disable journaling on MongoDB®. Default: `true`. Possible values: `[true, false]` +- `MONGODB_ENABLE_JOURNAL`: Whether to enable/disable journaling on MongoDB®. Default: `true`. Possible values: `[true, false]` ```console docker run --name mongodb -e ALLOW_EMPTY_PASSWORD=yes -e MONGODB_ENABLE_JOURNAL=true bitnami/mongodb:latest @@ -420,18 +425,18 @@ Creation of a user enables authentication on the MongoDB® server and as a re A [replication](https://docs.mongodb.com/manual/replication/) cluster can easily be setup with the Bitnami MongoDB® Docker Image using the following environment variables: -* `MONGODB_REPLICA_SET_MODE`: The replication mode. Possible values `primary`/`secondary`/`arbiter`. No defaults. -* `MONGODB_REPLICA_SET_NAME`: MongoDB® replica set name. Default: **replicaset** -* `MONGODB_PORT_NUMBER`: The port each MongoDB® will use. Default: **27017** -* `MONGODB_INITIAL_PRIMARY_HOST`: MongoDB® initial primary host, once the replicaset is created any node can be eventually promoted to be the primary. No defaults. -* `MONGODB_INITIAL_PRIMARY_PORT_NUMBER`: MongoDB® initial primary node port, as seen by other nodes. Default: **27017** -* `MONGODB_ADVERTISED_HOSTNAME`: MongoDB® advertised hostname. No defaults. It is recommended to pass this environment variable if you experience issues with ephemeral IPs. Setting this env var makes the nodes of the replica set to be configured with a hostname instead of the machine IP. -* `MONGODB_ADVERTISE_IP`: MongoDB® advertised hostname is set to container ip. Default: **false**. Overrides `MONGODB_ADVERTISED_HOSTNAME` -* `MONGODB_ADVERTISED_PORT_NUMBER`: MongoDB® advertised port number. No defaults. It is recommended to pass this environment variable if you have a proxy port forwarding requests to container. -* `MONGODB_REPLICA_SET_KEY`: MongoDB® replica set key. Length should be greater than 5 characters and should not contain any special characters. Required for all nodes. No default. -* `MONGODB_ROOT_USER`: MongoDB® root user name. Default: **root**. -* `MONGODB_ROOT_PASSWORD`: MongoDB® root password. No defaults. Only for primary node. -* `MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD`: MongoDB® initial primary root password. No defaults. Only for secondaries and arbiter nodes. +- `MONGODB_REPLICA_SET_MODE`: The replication mode. Possible values `primary`/`secondary`/`arbiter`. No defaults. +- `MONGODB_REPLICA_SET_NAME`: MongoDB® replica set name. Default: **replicaset** +- `MONGODB_PORT_NUMBER`: The port each MongoDB® will use. Default: **27017** +- `MONGODB_INITIAL_PRIMARY_HOST`: MongoDB® initial primary host, once the replicaset is created any node can be eventually promoted to be the primary. No defaults. +- `MONGODB_INITIAL_PRIMARY_PORT_NUMBER`: MongoDB® initial primary node port, as seen by other nodes. Default: **27017** +- `MONGODB_ADVERTISED_HOSTNAME`: MongoDB® advertised hostname. No defaults. It is recommended to pass this environment variable if you experience issues with ephemeral IPs. Setting this env var makes the nodes of the replica set to be configured with a hostname instead of the machine IP. +- `MONGODB_ADVERTISE_IP`: MongoDB® advertised hostname is set to container ip. Default: **false**. Overrides `MONGODB_ADVERTISED_HOSTNAME` +- `MONGODB_ADVERTISED_PORT_NUMBER`: MongoDB® advertised port number. No defaults. It is recommended to pass this environment variable if you have a proxy port forwarding requests to container. +- `MONGODB_REPLICA_SET_KEY`: MongoDB® replica set key. Length should be greater than 5 characters and should not contain any special characters. Required for all nodes. No default. +- `MONGODB_ROOT_USER`: MongoDB® root user name. Default: **root**. +- `MONGODB_ROOT_PASSWORD`: MongoDB® root password. No defaults. Only for primary node. +- `MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD`: MongoDB® initial primary root password. No defaults. Only for secondaries and arbiter nodes. In a replication cluster you can have one primary node, zero or more secondary nodes and zero or one arbiter node. @@ -656,13 +661,13 @@ Another option would be to use letsencrypt certificates; the required configurat #### Generating self-signed certificates -* Generate a new private key which will be used to create your own Certificate Authority (CA): +- Generate a new private key which will be used to create your own Certificate Authority (CA): ```console openssl genrsa -out mongoCA.key 2048 ``` -* Create the public certificate for your own CA: +- Create the public certificate for your own CA: ```console openssl req -x509 -new \ @@ -670,7 +675,7 @@ openssl req -x509 -new \ -key mongoCA.key -out mongoCA.crt ``` -* Create a Certificate Signing Request for a node `${NODE_NAME}`, the essential part here is that the `Common Name` corresponds to the hostname by which the nodes will be addressed. +- Create a Certificate Signing Request for a node `${NODE_NAME}`, the essential part here is that the `Common Name` corresponds to the hostname by which the nodes will be addressed. Example for `mongodb-primary`: ```console @@ -680,7 +685,7 @@ openssl req -new -nodes \ -keyout ${NODE_NAME}.key -out ${NODE_NAME}.csr ``` -* Create a certificate from the Certificate Signing Request and sign it using the private key of your previously created Certificate Authority: +- Create a certificate from the Certificate Signing Request and sign it using the private key of your previously created Certificate Authority: ```console openssl x509 \ @@ -688,7 +693,7 @@ openssl x509 \ -CA mongoCA.crt -CAkey mongoCA.key -CAcreateserial -extensions req ``` -* Create a PEM bundle using the private key and the public certificate: +- Create a PEM bundle using the private key and the public certificate: ```console cat ${NODE_NAME}.key ${NODE_NAME}.crt > ${NODE_NAME}.pem @@ -708,15 +713,15 @@ After having generated the certificates and making them available to the contain Example settings for the primary node `mongodb-primary`: -* `MONGODB_ADVERTISED_HOSTNAME=mongodb-primary` -* `MONGODB_EXTRA_FLAGS=--tlsMode=requireTLS --tlsCertificateKeyFile=/certificates/mongodb-primary.pem --tlsClusterFile=/certificates/mongodb-primary.pem --tlsCAFile=/certificates/mongoCA.crt` -* `MONGODB_CLIENT_EXTRA_FLAGS=--tls --tlsCertificateKeyFile=/certificates/mongodb-primary.pem --tlsCAFile=/certificates/mongoCA.crt` +- `MONGODB_ADVERTISED_HOSTNAME=mongodb-primary` +- `MONGODB_EXTRA_FLAGS=--tlsMode=requireTLS --tlsCertificateKeyFile=/certificates/mongodb-primary.pem --tlsClusterFile=/certificates/mongodb-primary.pem --tlsCAFile=/certificates/mongoCA.crt` +- `MONGODB_CLIENT_EXTRA_FLAGS=--tls --tlsCertificateKeyFile=/certificates/mongodb-primary.pem --tlsCAFile=/certificates/mongoCA.crt` Example corresponding settings for a secondary node `mongodb-secondary`: -* `MONGODB_ADVERTISED_HOSTNAME=mongodb-secondary` -* `MONGODB_EXTRA_FLAGS=--tlsMode=requireTLS --tlsCertificateKeyFile=/certificates/mongodb-secondary.pem --tlsClusterFile=/certificates/mongodb-secondary.pem --tlsCAFile=/certificates/mongoCA.crt` -* `MONGODB_CLIENT_EXTRA_FLAGS=--tls --tlsCertificateKeyFile=/certificates/mongodb-secondary.pem --tlsCAFile=/certificates/mongoCA.crt` +- `MONGODB_ADVERTISED_HOSTNAME=mongodb-secondary` +- `MONGODB_EXTRA_FLAGS=--tlsMode=requireTLS --tlsCertificateKeyFile=/certificates/mongodb-secondary.pem --tlsClusterFile=/certificates/mongodb-secondary.pem --tlsCAFile=/certificates/mongoCA.crt` +- `MONGODB_CLIENT_EXTRA_FLAGS=--tls --tlsCertificateKeyFile=/certificates/mongodb-secondary.pem --tlsCAFile=/certificates/mongoCA.crt` #### Connecting to the mongo daemon via SSL @@ -730,9 +735,9 @@ After successfully starting a cluster as specified, within the container it shou #### References -* To also allow clients to connect using username and password (without X509 certificates): +- To also allow clients to connect using username and password (without X509 certificates): -* For more extensive information regarding related configuration options: , +- For more extensive information regarding related configuration options: , Especially client authentication and requirements for common name and OU/DN/etc. fields in the certificates are important for creating a secure setup. ### Configuration file @@ -866,36 +871,36 @@ docker-compose up mongodb ### 4.4.8-debian-10-r31, and 5.0.2-debian-10-r0 -* From now on, "Default Write Concern" need to be set before adding new members (secondary, arbiter or hidden) to the cluster. In order to maintain the safest default configuration, `{"setDefaultRWConcern" : 1, "defaultWriteConcern" : {"w" : "majority"}}` is configured before adding new members. See and +- From now on, "Default Write Concern" need to be set before adding new members (secondary, arbiter or hidden) to the cluster. In order to maintain the safest default configuration, `{"setDefaultRWConcern" : 1, "defaultWriteConcern" : {"w" : "majority"}}` is configured before adding new members. See and ### 3.6.14-r69, 4.0.13-r11, and 4.2.1-r12 -* The configuration files mount point changed from `/opt/bitnami/mongodb/conf` to `/bitnami/mongodb/conf`. +- The configuration files mount point changed from `/opt/bitnami/mongodb/conf` to `/bitnami/mongodb/conf`. ### 3.6.13-r33, 4.0.10-r42, 4.1.13-r40 and 4.1.13-r41 -* `MONGODB_ENABLE_IPV6` set to `false` by default, if you want to enable IPv6, you need to set this environment variable to `true`. You can find more info at the above ["Enabling/disabling IPv6"](#enablingdisabling-ipv6) section. +- `MONGODB_ENABLE_IPV6` set to `false` by default, if you want to enable IPv6, you need to set this environment variable to `true`. You can find more info at the above ["Enabling/disabling IPv6"](#enablingdisabling-ipv6) section. ### 3.6.13-debian-9-r15, 3.6.13-ol-7-r15, 4.0.10-debian-9-r23, 4.0.10-ol-7-r24, 4.1.13-debian-9-r22, 4.1.13-ol-7-r23 or later -* Decrease the size of the container. Node.js is not needed anymore. MongoDB® configuration logic has been moved to bash scripts in the rootfs folder. +- Decrease the size of the container. Node.js is not needed anymore. MongoDB® configuration logic has been moved to bash scripts in the rootfs folder. ### 3.6.9, 4.0.4 and 4.1.5 or later -* All MongoDB® versions released after October 16, 2018 (3.6.9 or later, 4.0.4 or later or 4.1.5 or later) are licensed under the [Server Side Public License](https://www.mongodb.com/licensing/server-side-public-license) that is not currently accepted as a Open Source license by the Open Source Iniciative (OSI). +- All MongoDB® versions released after October 16, 2018 (3.6.9 or later, 4.0.4 or later or 4.1.5 or later) are licensed under the [Server Side Public License](https://www.mongodb.com/licensing/server-side-public-license) that is not currently accepted as a Open Source license by the Open Source Iniciative (OSI). ### 3.6.6-r16 and 4.1.1-r9 -* The MongoDB® container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MongoDB® daemon was started as the `mongo` user. From now on, both the container and the MongoDB® daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The MongoDB® container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MongoDB® daemon was started as the `mongo` user. From now on, both the container and the MongoDB® daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 3.2.7-r5 -* `MONGODB_USER` parameter has been renamed to `MONGODB_USERNAME`. +- `MONGODB_USER` parameter has been renamed to `MONGODB_USERNAME`. ### 3.2.6-r0 -* All volumes have been merged at `/bitnami/mongodb`. Now you only need to mount a single volume at `/bitnami/mongodb` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/mongodb`. Now you only need to mount a single volume at `/bitnami/mongodb` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/moodle/4.1/README.md b/bitnami/moodle/4.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/moodle/4.1/README.md +++ b/bitnami/moodle/4.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/moodle/4.4/README.md b/bitnami/moodle/4.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/moodle/4.4/README.md +++ b/bitnami/moodle/4.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/moodle/4.5/README.md b/bitnami/moodle/4.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/moodle/4.5/README.md +++ b/bitnami/moodle/4.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/moodle/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/moodle/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/moodle/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/moodle/5.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/moodle/README.md b/bitnami/moodle/README.md index da5429ae17ff..a39091a155b0 100644 --- a/bitnami/moodle/README.md +++ b/bitnami/moodle/README.md @@ -15,14 +15,25 @@ docker run --name moodle bitnami/moodle:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Bitnami LMS powered by Moodle™ LMS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Bitnami LMS powered by Moodle™ LMS in production? Try [VMwa Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Chart for Moodle™ GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/moodle). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -239,7 +244,7 @@ docker run -d --name moodle \ When you start the Moodle™ image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: ```yaml moodle: @@ -249,7 +254,7 @@ moodle: ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console docker run -d --name moodle -p 80:8080 -p 443:8443 \ @@ -264,7 +269,7 @@ moodle: This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: ```yaml moodle: @@ -281,7 +286,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console docker run -d --name moodle -p 80:8080 -p 443:8443 \ @@ -300,7 +305,7 @@ This would be an example of SMTP configuration using a Gmail account: This would be an instance ready to be put behind the NGINX load balancer. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: ```yaml moodle: @@ -312,7 +317,7 @@ This would be an instance ready to be put behind the NGINX load balancer. ... ``` -* For manual execution: +- For manual execution: ```console docker run -d --name moodle -p 80:8080 -p 443:8443 \ @@ -343,7 +348,7 @@ fr_FR.UTF-8 UTF-8, de_DE.UTF-8 UTF-8, it_IT.UTF-8 UTF-8, es_ES.UTF-8 UTF-8 To use `EXTRA_LOCALES`, you have two options: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: ```yaml moodle: @@ -357,7 +362,7 @@ To use `EXTRA_LOCALES`, you have two options: ... ``` -* For manual execution, clone the repository and run the following command inside the `X/debian-12` directory: +- For manual execution, clone the repository and run the following command inside the `X/debian-12` directory: ```console docker build -t bitnami/moodle:latest --build-arg EXTRA_LOCALES="fr_FR.UTF-8 UTF-8, de_DE.UTF-8 UTF-8, it_IT.UTF-8 UTF-8, es_ES.UTF-8 UTF-8" . @@ -369,7 +374,7 @@ You can generate all supported locales by setting the build environment variable To use `WITH_ALL_LOCALES`, you have two options: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/moodle/docker-compose.yml) file present in this repository: ```yaml moodle: @@ -383,7 +388,7 @@ To use `WITH_ALL_LOCALES`, you have two options: ... ``` -* For manual execution, clone the repository and run the following command inside the `X/debian-12` directory: +- For manual execution, clone the repository and run the following command inside the `X/debian-12` directory: ```console docker build -t bitnami/moodle:latest --build-arg WITH_ALL_LOCALES=yes . @@ -520,10 +525,10 @@ The Bitnami Docker image for Moodle™ is designed to be extended so it can Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -535,9 +540,9 @@ FROM bitnami/moodle Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache ```Dockerfile FROM bitnami/moodle @@ -576,22 +581,22 @@ Based on the extended image, you can update the [`docker-compose.yml`](https://g ## 3.9.0-debian-10-r17 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* The Moodle™ container now supports the "non-root" user approach, but it still runs as the `root` user by default. When running as a non-root user, all services will be run under the same user and Cron jobs will be disabled as crond requires to be run as a superuser. To run as a non-root user, change `USER root` to `USER 1001` in the Dockerfile, or specify `user: 1001` in `docker-compose.yml`. Related changes: - * The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Moodle™ site by exporting its content, and importing it on a new Moodle™ container. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The Moodle™ container now supports the "non-root" user approach, but it still runs as the `root` user by default. When running as a non-root user, all services will be run under the same user and Cron jobs will be disabled as crond requires to be run as a superuser. To run as a non-root user, change `USER root` to `USER 1001` in the Dockerfile, or specify `user: 1001` in `docker-compose.yml`. Related changes: + - The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Moodle™ site by exporting its content, and importing it on a new Moodle™ container. ## 3.7.1-debian-9-r38 and 3.7.1-ol-7-r40 -* It is now possible to use existing Moodle™ databases from other installations. In order to do this, use the environment variable `MOODLE_SKIP_INSTALL`, which forces the container not to run the initial Moodle™ setup wizard. +- It is now possible to use existing Moodle™ databases from other installations. In order to do this, use the environment variable `MOODLE_SKIP_INSTALL`, which forces the container not to run the initial Moodle™ setup wizard. ## 3.7.0-debian-9-r12 and 3.7.0-ol-7-r13 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ## Contributing diff --git a/bitnami/multus-cni/README.md b/bitnami/multus-cni/README.md index 1c4305ebd41a..d888a432c8b3 100644 --- a/bitnami/multus-cni/README.md +++ b/bitnami/multus-cni/README.md @@ -14,23 +14,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name multus-cni bitnami/multus-cni:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Multus CNI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -103,7 +108,7 @@ Check the [official Multus CNI documentation](https://github.com/k8snetworkplumb ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/mysql/8.0/README.md b/bitnami/mysql/8.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mysql/8.0/README.md +++ b/bitnami/mysql/8.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mysql/8.4/README.md b/bitnami/mysql/8.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/mysql/8.4/README.md +++ b/bitnami/mysql/8.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/mysql/9.3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mysql/9.3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/mysql/9.3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/mysql/9.3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/mysql/README.md b/bitnami/mysql/README.md index 58cb7c96129a..1a4fe184036b 100644 --- a/bitnami/mysql/README.md +++ b/bitnami/mysql/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mysql -e ALLOW_EMPTY_PASSWORD=yes bitnami/mysql:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MySQL in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -238,8 +243,8 @@ docker-compose up -d The container can execute custom files on the first start and on every start. Files with extensions `.sh`, `.sql` and `.sql.gz` are supported. -* Files in `/docker-entrypoint-initdb.d` will only execute on the first container start. -* Files in `/docker-entrypoint-startdb.d` will execute on every container start. +- Files in `/docker-entrypoint-initdb.d` will only execute on the first container start. +- Files in `/docker-entrypoint-startdb.d` will execute on every container start. In order to have your custom files inside the docker image you can mount them as a volume. @@ -251,8 +256,8 @@ Take into account those scripts are treated differently depending on the extensi The root user and password can easily be setup with the Bitnami MySQL Docker image using the following environment variables: -* `MYSQL_ROOT_USER`: The database admin user. Defaults to `root`. -* `MYSQL_ROOT_PASSWORD`: The database admin user password. No defaults. +- `MYSQL_ROOT_USER`: The database admin user. Defaults to `root`. +- `MYSQL_ROOT_PASSWORD`: The database admin user password. No defaults. Passing the `MYSQL_ROOT_PASSWORD` environment variable when running the image for the first time will set the password of the `MYSQL_ROOT_USER` user to the value of `MYSQL_ROOT_PASSWORD`. @@ -296,8 +301,8 @@ services: It is possible to configure the character set and collation used by default by the database with the following environment variables: -* `MYSQL_CHARACTER_SET`: The default character set to use. Default: `utf8` -* `MYSQL_COLLATE`: The default collation to use. Default: `utf8_general_ci` +- `MYSQL_CHARACTER_SET`: The default character set to use. Default: `utf8` +- `MYSQL_COLLATE`: The default collation to use. Default: `utf8_general_ci` ### Creating a database on first run @@ -356,14 +361,14 @@ services: A **zero downtime** MySQL master-slave [replication](https://dev.mysql.com/doc/refman/8.0/en/server-options.html) cluster can easily be setup with the Bitnami MySQL Docker image using the following environment variables: -* `MYSQL_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. -* `MYSQL_REPLICATION_USER`: The replication user created on the master on first run. No defaults. -* `MYSQL_REPLICATION_PASSWORD`: The replication users password. No defaults. -* `MYSQL_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. -* `MYSQL_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `3306`. -* `MYSQL_MASTER_ROOT_USER`: User on replication master with access to `MYSQL_DATABASE` (slave parameter). Defaults to `root` -* `MYSQL_MASTER_ROOT_PASSWORD`: Password of user on replication master with access to `MYSQL_DATABASE` (slave parameter). No defaults. -* `MYSQL_MASTER_DELAY`: The database replication delay (slave parameter). Defaults to `0`. +- `MYSQL_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. +- `MYSQL_REPLICATION_USER`: The replication user created on the master on first run. No defaults. +- `MYSQL_REPLICATION_PASSWORD`: The replication users password. No defaults. +- `MYSQL_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. +- `MYSQL_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `3306`. +- `MYSQL_MASTER_ROOT_USER`: User on replication master with access to `MYSQL_DATABASE` (slave parameter). Defaults to `root` +- `MYSQL_MASTER_ROOT_PASSWORD`: Password of user on replication master with access to `MYSQL_DATABASE` (slave parameter). No defaults. +- `MYSQL_MASTER_DELAY`: The database replication delay (slave parameter). Defaults to `0`. In a replication cluster you can have one master and zero or more slaves. When replication is enabled the master node is in read-write mode, while the slaves are in read-only mode. For best performance its advisable to limit the reads to the slaves. @@ -508,7 +513,7 @@ The Bitnami MySQL Docker image is designed to be extended so it can be used as t Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by MySQL, by setting the environment variables `MYSQL_PORT_NUMBER` or the character set using `MYSQL_CHARACTER_SET` respectively. +- Settings that can be adapted using environment variables. For instance, you can change the ports used by MySQL, by setting the environment variables `MYSQL_PORT_NUMBER` or the character set using `MYSQL_CHARACTER_SET` respectively. If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -520,10 +525,10 @@ FROM bitnami/mysql Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the MySQL configuration file -* Modify the ports used by MySQL -* Change the user that runs the container +- Install the `vim` editor +- Modify the MySQL configuration file +- Modify the ports used by MySQL +- Change the user that runs the container ```Dockerfile FROM bitnami/mysql @@ -549,7 +554,7 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom configuration +- Add a custom configuration ```yaml version: '2' @@ -589,8 +594,8 @@ You can configure the containers [logging driver](https://docs.docker.com/engine By default MySQL doesn't enable [slow query log](https://dev.mysql.com/doc/refman/en/slow-query-log.html) to record the SQL queries that take a long time to perform. You can modify these settings using the following environment variables: -* `MYSQL_ENABLE_SLOW_QUERY`: Whether to enable slow query logs. Default: `0` -* `MYSQL_LONG_QUERY_TIME`: How much time, in seconds, defines a slow query. Default: `10.0` +- `MYSQL_ENABLE_SLOW_QUERY`: Whether to enable slow query logs. Default: `0` +- `MYSQL_LONG_QUERY_TIME`: How much time, in seconds, defines a slow query. Default: `10.0` Slow queries information is logged to the `/-slow.log` file by default, and you can easily check it with the `mysqldumpslow` tool ([link to docs](https://dev.mysql.com/doc/refman/en/mysqldumpslow.html)): @@ -684,22 +689,22 @@ docker-compose up mysql ### 8.0.37-debian-12-r6, 8.3.0-debian-12-r15, 8.4.0-debian-12-r7 -* Upgrade level can be set by `MYSQL_UPGRADE` env var. By default this variable is set to `AUTO`. +- Upgrade level can be set by `MYSQL_UPGRADE` env var. By default this variable is set to `AUTO`. ### 5.7.36-debian-10-r36, 8.0.27-debian-10-r35, 5.7.41-r10-debian-11 and 8.0.32-r10-debian-11 -* The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. +- The command `mysql_upgrade` no longer includes the flag `--force`. Nonetheless, it can be enabled by using the [mysql_upgrade] option group in the MariaDB configuration. ### 5.7.30-debian-10-r32 and 8.0.20-debian-10-r29 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. ### 5.7.23-r52 and 8.0.12-r34 -* Decrease the size of the container. It is not necessary Node.js anymore. MySQL configuration moved to bash scripts in the `rootfs/` folder. -* The recommended mount point to persist data changes to `/bitnami/mysql/data`. -* The MySQL configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/mysql/conf`. -* Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: +- Decrease the size of the container. It is not necessary Node.js anymore. MySQL configuration moved to bash scripts in the `rootfs/` folder. +- The recommended mount point to persist data changes to `/bitnami/mysql/data`. +- The MySQL configuration files are not persisted in a volume anymore. Now, they can be found at `/opt/bitnami/mysql/conf`. +- Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: ```console $ docker-compose down @@ -712,21 +717,21 @@ $ docker-compose up -d ### 5.7.22-r18 and 8.0.11-r16 -* The MySQL container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MySQL daemon was started as the `mysql` user. From now on, both the container and the MySQL daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The MySQL container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the MySQL daemon was started as the `mysql` user. From now on, both the container and the MySQL daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 5.7.21-r6 -* The MySQL conf file is not in a persistent volume by default. +- The MySQL conf file is not in a persistent volume by default. -* The user is able to specify a custom file in the default location '/opt/bitnami/mysql/conf/my.cnf'. +- The user is able to specify a custom file in the default location '/opt/bitnami/mysql/conf/my.cnf'. ### 5.7.17-r4 -* `MYSQL_MASTER_USER` has been renamed to `MYSQL_MASTER_ROOT_USER` -* `MYSQL_MASTER_PASSWORD` has been renamed to `MYSQL_MASTER_ROOT_PASSWORD` -* `MYSQL_ROOT_USER` has been added to the available env variables. It can be used to specify the admin user. -* `ALLOW_EMPTY_PASSWORD` has been added to the available env variables. It can be used to allow blank passwords for MySQL. -* By default the MySQL image requires a root password to start. You can specify it using the `MYSQL_ROOT_PASSWORD` env variable or disable this requirement by setting the `ALLOW_EMPTY_PASSWORD` env variable to `yes` (testing or development scenarios). +- `MYSQL_MASTER_USER` has been renamed to `MYSQL_MASTER_ROOT_USER` +- `MYSQL_MASTER_PASSWORD` has been renamed to `MYSQL_MASTER_ROOT_PASSWORD` +- `MYSQL_ROOT_USER` has been added to the available env variables. It can be used to specify the admin user. +- `ALLOW_EMPTY_PASSWORD` has been added to the available env variables. It can be used to allow blank passwords for MySQL. +- By default the MySQL image requires a root password to start. You can specify it using the `MYSQL_ROOT_PASSWORD` env variable or disable this requirement by setting the `ALLOW_EMPTY_PASSWORD` env variable to `yes` (testing or development scenarios). ## Using `docker-compose.yaml` diff --git a/bitnami/mysqld-exporter/README.md b/bitnami/mysqld-exporter/README.md index 9b087d633367..8ddc43328902 100644 --- a/bitnami/mysqld-exporter/README.md +++ b/bitnami/mysqld-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mysqld-exporter bitnami/mysqld-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use MySQL Server Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use MySQL Server Exporter in production? Try [VMware Tanzu Applicatio Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,12 +147,12 @@ docker run --name mysqld-exporter bitnami/mysqld-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 0.12.1-centos-7-r175 -* `0.12.1-centos-7-r175` is considered the latest image based on CentOS. -* Standard supported distros: Debian & OEL. +- `0.12.1-centos-7-r175` is considered the latest image based on CentOS. +- Standard supported distros: Debian & OEL. ## Contributing diff --git a/bitnami/nats-exporter/README.md b/bitnami/nats-exporter/README.md index 40adaf01b23c..2eb45217d384 100644 --- a/bitnami/nats-exporter/README.md +++ b/bitnami/nats-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nats-exporter bitnami/nats-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NATS Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use NATS Exporter in production? Try [VMware Tanzu Application Catalo Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name nats-exporter bitnami/nats-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/nats/README.md b/bitnami/nats/README.md index 53372f5ff0d8..365a16dec401 100644 --- a/bitnami/nats/README.md +++ b/bitnami/nats/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nats bitnami/nats:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NATS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -174,11 +179,11 @@ For further documentation, please check [NATS documentation](https://docs.nats.i ### 2.10.24-debian-12-r3 -* This image revision dramatically reduces the image given it removes the existing OS distro. Instead, it simply includes the NATS binary on top of a scratch base image. +- This image revision dramatically reduces the image given it removes the existing OS distro. Instead, it simply includes the NATS binary on top of a scratch base image. ### 2.6.4-debian-10-r14 -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. ## Using `docker-compose.yaml` diff --git a/bitnami/natscli/README.md b/bitnami/natscli/README.md index 7d61a2bb1c0b..5a5132cf8fe3 100644 --- a/bitnami/natscli/README.md +++ b/bitnami/natscli/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name natscli bitnami/natscli ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NATS CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official NATS CLI documentation](https://nats.io/docs/) for more info ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/neo4j/4/README.md b/bitnami/neo4j/4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/neo4j/4/README.md +++ b/bitnami/neo4j/4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/neo4j/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/neo4j/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/neo4j/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/neo4j/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/neo4j/README.md b/bitnami/neo4j/README.md index 3c7d395b288b..813b8609618f 100644 --- a/bitnami/neo4j/README.md +++ b/bitnami/neo4j/README.md @@ -15,23 +15,28 @@ docker run --name neo4j bitnami/neo4j:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Neo4j in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -326,13 +331,13 @@ docker-compose up neo4j ### 4.3.0-debian-10-r17 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. In addition to this, the container now has the latest stable version of the [apoc library](https://github.com/neo4j-contrib/neo4j-apoc-procedures) enabled by default. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. In addition to this, the container now has the latest stable version of the [apoc library](https://github.com/neo4j-contrib/neo4j-apoc-procedures) enabled by default. -* Now the configuration file is not persisted, so it is recommended to remove the persisted file in `/bitnami/neo4j/conf/` to avoid potential upgrade issues. +- Now the configuration file is not persisted, so it is recommended to remove the persisted file in `/bitnami/neo4j/conf/` to avoid potential upgrade issues. ### 3.4.3-r13 -* The Neo4j container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Neo4j daemon was started as the `neo4j` user. From now on, both the container and the Neo4j daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Neo4j container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Neo4j daemon was started as the `neo4j` user. From now on, both the container and the Neo4j daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Using `docker-compose.yaml` diff --git a/bitnami/nessie-utils/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/nessie-utils/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/nessie-utils/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/nessie-utils/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/nessie-utils/README.md b/bitnami/nessie-utils/README.md index 33d83269c37d..3489a3eb3231 100644 --- a/bitnami/nessie-utils/README.md +++ b/bitnami/nessie-utils/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nessie-utils bitnami/nessie-utils ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Nessie Utils in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/nessie/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/nessie/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/nessie/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/nessie/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/nessie/README.md b/bitnami/nessie/README.md index 673d368024cc..d856ff653c2b 100644 --- a/bitnami/nessie/README.md +++ b/bitnami/nessie/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nessie bitnami/nessie ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Nessie in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/nginx-exporter/README.md b/bitnami/nginx-exporter/README.md index 91ca2bc0142b..4e508bc57523 100644 --- a/bitnami/nginx-exporter/README.md +++ b/bitnami/nginx-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nginx-exporter bitnami/nginx-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NGINX Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use NGINX Exporter in production? Try [VMware Tanzu Application Catal Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name nginx-exporter bitnami/nginx-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/nginx-ingress-controller/1.11/README.md b/bitnami/nginx-ingress-controller/1.11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/nginx-ingress-controller/1.11/README.md +++ b/bitnami/nginx-ingress-controller/1.11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/nginx-ingress-controller/1.12/README.md b/bitnami/nginx-ingress-controller/1.12/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/nginx-ingress-controller/1.12/README.md +++ b/bitnami/nginx-ingress-controller/1.12/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/nginx-ingress-controller/README.md b/bitnami/nginx-ingress-controller/README.md index c1ad338c8a65..7dc14e2cb45e 100644 --- a/bitnami/nginx-ingress-controller/README.md +++ b/bitnami/nginx-ingress-controller/README.md @@ -15,14 +15,25 @@ Deploy NGINX Ingress Controller for Kubernetes on your [Kubernetes cluster](http docker run --name nginx-ingress-controller bitnami/nginx-ingress-controller:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NGINX Ingress Controller in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use NGINX Ingress Controller in production? Try [VMware Tanzu Applica Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami NGINX Ingress Controller Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/nginx-ingress-controller). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -52,7 +57,7 @@ For further documentation, please check [here](https://github.com/kubernetes/ing ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing @@ -63,11 +68,11 @@ request](https://github.com/bitnami/containers/pulls/new) with your contribution If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new/choose). For us to provide better support, be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/nginx/1.28/README.md b/bitnami/nginx/1.28/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/nginx/1.28/README.md +++ b/bitnami/nginx/1.28/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/nginx/1.29/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/nginx/1.29/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/nginx/1.29/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/nginx/1.29/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/nginx/README.md b/bitnami/nginx/README.md index d0da5732bd72..f3ccffb02dab 100644 --- a/bitnami/nginx/README.md +++ b/bitnami/nginx/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nginx bitnami/nginx:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use NGINX Open Source in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -392,7 +397,7 @@ server { **Further Reading:** -* [NGINX reverse proxy](http://nginx.com/resources/admin-guide/reverse-proxy/) +- [NGINX reverse proxy](http://nginx.com/resources/admin-guide/reverse-proxy/) ## Logging @@ -418,11 +423,11 @@ The Bitnami NGINX Open Source Docker image is designed to be extended so it can Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the port used by NGINX for HTTP setting the environment variable `NGINX_HTTP_PORT_NUMBER`. -* [Adding custom server blocks](#adding-custom-server-blocks). -* [Replacing the 'nginx.conf' file](#full-configuration). -* [Using custom SSL certificates](#using-custom-ssl-certificates). -* [Solving redirection issues](#solving-redirection-issues). +- Settings that can be adapted using environment variables. For instance, you can change the port used by NGINX for HTTP setting the environment variable `NGINX_HTTP_PORT_NUMBER`. +- [Adding custom server blocks](#adding-custom-server-blocks). +- [Replacing the 'nginx.conf' file](#full-configuration). +- [Using custom SSL certificates](#using-custom-ssl-certificates). +- [Solving redirection issues](#solving-redirection-issues). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -434,10 +439,10 @@ FROM bitnami/nginx Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the NGINX configuration file -* Modify the ports used by NGINX -* Change the user that runs the container +- Install the `vim` editor +- Modify the NGINX configuration file +- Modify the ports used by NGINX +- Change the user that runs the container ```Dockerfile FROM bitnami/nginx @@ -462,9 +467,9 @@ USER 1002 Based on the extended image, you can use a Docker Compose file like the one below to add other features: -* Add a custom server block -* Add custom certificates -* Clone your web application and serve it through NGINX +- Add a custom server block +- Add custom certificates +- Clone your web application and serve it through NGINX ```yaml version: '2' @@ -607,31 +612,31 @@ docker-compose up nginx ## Useful Links -* [Create An EMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) +- [Create An EMP Development Environment With Bitnami Containers](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) ## Notable Changes ### Starting February 10, 2025 -* The [module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol, has been converted into a dynamic module. +- The [module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol, has been converted into a dynamic module. ### 1.24.0-debian-11-r142 and 1.25.2-debian-11-r33 -* Added support for [Module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol. +- Added support for [Module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol. ### 1.18.0-debian-10-r210 and 1.19.6-debian-10-r1 -* Added support for enabling dynamic modules. +- Added support for enabling dynamic modules. ### 1.16.1-centos-7-r173 -* `1.16.1-centos-7-r173` is considered the latest image based on CentOS. -* Standard supported distros: Debian & OEL. +- `1.16.1-centos-7-r173` is considered the latest image based on CentOS. +- Standard supported distros: Debian & OEL. ### 1.16.0-r3 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The recommended mount point for adding custom server blocks changes from `/opt/bitnami/nginx/conf/vhosts` to `/opt/bitnami/nginx/conf/server_blocks`. Remember to update your Docker Compose files to user the new mount point. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The recommended mount point for adding custom server blocks changes from `/opt/bitnami/nginx/conf/vhosts` to `/opt/bitnami/nginx/conf/server_blocks`. Remember to update your Docker Compose files to user the new mount point. ## Using `docker-compose.yaml` diff --git a/bitnami/node-exporter/README.md b/bitnami/node-exporter/README.md index 7ae425a78f7a..5a2af7ca017c 100644 --- a/bitnami/node-exporter/README.md +++ b/bitnami/node-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name node-exporter bitnami/node-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Node Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Node Exporter in production? Try [VMware Tanzu Application Catalo Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -153,7 +158,7 @@ docker run --name node-exporter bitnami/node-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/node/20/README.md b/bitnami/node/20/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/node/20/README.md +++ b/bitnami/node/20/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/node/22/README.md b/bitnami/node/22/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/node/22/README.md +++ b/bitnami/node/22/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/node/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/node/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/node/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/node/24/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/node/README.md b/bitnami/node/README.md index aa7b3974a699..9ef0408f7b39 100644 --- a/bitnami/node/README.md +++ b/bitnami/node/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name node bitnami/node:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Node.js in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ docker run -it --name node bitnami/node **Further Reading:** -* [nodejs.org/api/repl.html](https://nodejs.org/api/repl.html) +- [nodejs.org/api/repl.html](https://nodejs.org/api/repl.html) ## Configuration @@ -105,8 +110,8 @@ node: **Further Reading:** -* [package.json documentation](https://docs.npmjs.com/files/package.json) -* [npm start script](https://docs.npmjs.com/misc/scripts#default-values) +- [package.json documentation](https://docs.npmjs.com/files/package.json) +- [npm start script](https://docs.npmjs.com/misc/scripts#default-values) ## Working with private npm modules @@ -114,13 +119,13 @@ To work with npm private modules, it is necessary to be logged into npm. npm CLI If you are working in a Docker environment, you can inject the token at build time in your Dockerfile by using the ARG parameter as follows: -* Create a `npmrc` file within the project. It contains the instructions for the `npm` command to authenticate against npmjs.org registry. The `NPM_TOKEN` will be taken at build time. The file should look like this: +- Create a `npmrc` file within the project. It contains the instructions for the `npm` command to authenticate against npmjs.org registry. The `NPM_TOKEN` will be taken at build time. The file should look like this: ```console //registry.npmjs.org/:_authToken=${NPM_TOKEN} ``` -* Add some new lines to the Dockerfile in order to copy the `npmrc` file, add the expected `NPM_TOKEN` by using the ARG parameter, and remove the `npmrc` file once the npm install is completed. +- Add some new lines to the Dockerfile in order to copy the `npmrc` file, add the expected `NPM_TOKEN` by using the ARG parameter, and remove the `npmrc` file once the npm install is completed. You can find the Dockerfile below: @@ -138,7 +143,7 @@ RUN npm install CMD node app.js ``` -* Now you can build the image using the above Dockerfile and the token. Run the `docker build` command as follows: +- Now you can build the image using the above Dockerfile and the token. Run the `docker build` command as follows: ```console docker build --build-arg NPM_TOKEN=${NPM_TOKEN} . @@ -150,7 +155,7 @@ Congratulations! You are now logged into the npm repo. ### Further reading -* [npm official documentation](https://docs.npmjs.com/private-modules/docker-and-private-modules). +- [npm official documentation](https://docs.npmjs.com/private-modules/docker-and-private-modules). ## Accessing a Node.js app running a web server @@ -282,19 +287,19 @@ docker run --name node bitnami/node:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 6.2.0-r0 (2016-05-11) -* Commands are now executed as the `root` user. Use the `--user` argument to switch to another user or change to the required user using `sudo` to launch applications. Alternatively, as of Docker 1.10 User Namespaces are supported by the docker daemon. Refer to the [daemon user namespace options](https://docs.docker.com/engine/security/userns-remap/) for more details. +- Commands are now executed as the `root` user. Use the `--user` argument to switch to another user or change to the required user using `sudo` to launch applications. Alternatively, as of Docker 1.10 User Namespaces are supported by the docker daemon. Refer to the [daemon user namespace options](https://docs.docker.com/engine/security/userns-remap/) for more details. ### 4.1.2-0 (2015-10-12) -* Permissions fixed so `bitnami` user can install global npm modules without needing `sudo`. +- Permissions fixed so `bitnami` user can install global npm modules without needing `sudo`. ### 4.1.1-0-r01 (2015-10-07) -* `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. +- `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. ## Contributing diff --git a/bitnami/notation/README.md b/bitnami/notation/README.md index 3a7e7e6479a3..b872197689dc 100644 --- a/bitnami/notation/README.md +++ b/bitnami/notation/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name notation bitnami/notation ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Notation in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -209,7 +214,7 @@ Check the [official Notation documentation](https://notaryproject.dev/docs/quick ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/oauth2-proxy/README.md b/bitnami/oauth2-proxy/README.md index 9edf76862527..20141b8b6ecc 100644 --- a/bitnami/oauth2-proxy/README.md +++ b/bitnami/oauth2-proxy/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name oauth2-proxy bitnami/oauth2-proxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OAuth2 Proxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use OAuth2 Proxy in production? Try [VMware Tanzu Application Catalog Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -151,7 +156,7 @@ docker run --name oauth2-proxy bitnami/oauth2-proxy:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing @@ -162,11 +167,11 @@ request](https://github.com/bitnami/containers/pulls/new) with your contribution -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/odoo/16/README.md b/bitnami/odoo/16/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/odoo/16/README.md +++ b/bitnami/odoo/16/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/odoo/17/README.md b/bitnami/odoo/17/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/odoo/17/README.md +++ b/bitnami/odoo/17/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/odoo/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/odoo/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/odoo/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/odoo/18/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/odoo/README.md b/bitnami/odoo/README.md index 55c3642e65df..cd87d2f1b1bc 100644 --- a/bitnami/odoo/README.md +++ b/bitnami/odoo/README.md @@ -16,14 +16,25 @@ docker run --name odoo bitnami/odoo:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Odoo in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Looking to use Odoo in production? Try [VMware Tanzu Application Catalog](https: Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Odoo Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/odoo). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -235,7 +240,7 @@ docker run -d --name odoo \ When you start the Odoo image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: ```yaml odoo: @@ -245,7 +250,7 @@ When you start the Odoo image, you can adjust the configuration of the instance ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name odoo -p 80:8069 \ @@ -261,7 +266,7 @@ When you start the Odoo image, you can adjust the configuration of the instance This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: ```yaml odoo: @@ -275,7 +280,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name odoo -p 80:8069 \ @@ -292,7 +297,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami Odoo container supports connecting the Odoo application to an external database. This would be an example of using an external database for Odoo. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/odoo/docker-compose.yml) file present in this repository: ```diff odoo: @@ -306,7 +311,7 @@ The Bitnami Odoo container supports connecting the Odoo application to an extern ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name odoo\ @@ -432,12 +437,12 @@ docker-compose up -d ### 12.0.20210615-debian-10-r20, 13.0.20210610-debian-10-r24 and 14.0.20210610-debian-10-r22 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* It is now possible to use an already populated Odoo database from another installation. In order to do this, use the environment variable `ODOO_SKIP_BOOTSTRAP`, which forces the container not to run the initial Odoo setup wizard. -* Removed port 8071 from list of exposed ports. This port was used by the Odoo XMLRPCS service, but was removed in Odoo 10. -* Added port 8072 to the list of exposed ports. This port is used by the [Odoo Longpolling service](https://www.odoo.com/documentation/14.0/administration/deployment/deploy.html#livechat). -* The `WITHOUT_DEMO` environment variable was deprecated in favor of the boolean `ODOO_LOAD_DEMO_DATA` environment variable. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- It is now possible to use an already populated Odoo database from another installation. In order to do this, use the environment variable `ODOO_SKIP_BOOTSTRAP`, which forces the container not to run the initial Odoo setup wizard. +- Removed port 8071 from list of exposed ports. This port was used by the Odoo XMLRPCS service, but was removed in Odoo 10. +- Added port 8072 to the list of exposed ports. This port is used by the [Odoo Longpolling service](https://www.odoo.com/documentation/14.0/administration/deployment/deploy.html#livechat). +- The `WITHOUT_DEMO` environment variable was deprecated in favor of the boolean `ODOO_LOAD_DEMO_DATA` environment variable. ## Contributing diff --git a/bitnami/openldap/2.5/README.md b/bitnami/openldap/2.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/openldap/2.5/README.md +++ b/bitnami/openldap/2.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/openldap/2.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/openldap/2.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/openldap/2.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/openldap/2.6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/openldap/README.md b/bitnami/openldap/README.md index a3e95aba2b2e..34b2de96bb05 100644 --- a/bitnami/openldap/README.md +++ b/bitnami/openldap/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name openldap bitnami/openldap:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OpenLDAP in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use OpenLDAP in production? Try [VMware Tanzu Application Catalog](ht Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -174,34 +179,34 @@ docker-compose up -d The Bitnami Docker OpenLDAP can be easily setup with the following environment variables: -* `LDAP_PORT_NUMBER`: The port OpenLDAP is listening for requests. Priviledged port is supported (e.g. `389`). Default: **1389** (non privileged port). -* `LDAP_ROOT`: LDAP baseDN (or suffix) of the LDAP tree. Default: **dc=example,dc=org** -* `LDAP_ADMIN_USERNAME`: LDAP database admin user. Default: **admin** -* `LDAP_ADMIN_PASSWORD`: LDAP database admin password. Default: **adminpassword** -* `LDAP_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP database admin user password. This will override the value specified in `LDAP_ADMIN_PASSWORD`. No defaults. -* `LDAP_CONFIG_ADMIN_ENABLED`: Whether to create a configuration admin user. Default: **no**. -* `LDAP_CONFIG_ADMIN_USERNAME`: LDAP configuration admin user. This is separate from `LDAP_ADMIN_USERNAME`. Default: **admin**. -* `LDAP_CONFIG_ADMIN_PASSWORD`: LDAP configuration admin password. Default: **configpassword**. -* `LDAP_CONFIG_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP configuration admin user password. This will override the value specified in `LDAP_CONFIG_ADMIN_PASSWORD`. No defaults. -* `LDAP_USERS`: Comma separated list of LDAP users to create in the default LDAP tree. Default: **user01,user02** -* `LDAP_PASSWORDS`: Comma separated list of passwords to use for LDAP users. Default: **bitnami1,bitnami2** -* `LDAP_USER_OU`: Name for the user's organizational unit. Default: **users** -* `LDAP_GROUP_OU`: Name for the group's organizational unit. Default: **groups** -* `LDAP_USER_DC`: DC for the users' organizational unit. **DEPRECATED** Please use `LDAP_USER_OU` and `LDAP_GROUP_OU` instead. -* `LDAP_GROUP`: Group used to group created users. Default: **readers** -* `LDAP_ADD_SCHEMAS`: Whether to add the schemas specified in `LDAP_EXTRA_SCHEMAS`. Default: **yes** -* `LDAP_EXTRA_SCHEMAS`: Extra schemas to add, among OpenLDAP's distributed schemas. Default: **cosine, inetorgperson, nis** -* `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. Please note that this will **not** skip the addition of schemas or importing of LDIF files. Default: **no** -* `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files. Default: **/ldifs** -* `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**" -* `LDAP_CUSTOM_SCHEMA_DIR`: Location of a directory containing custom internal schema files that could not be added as custom ldif files (i.e. containing some `structuralObjectClass`). This can be used in addition to or instead of `LDAP_CUSTOM_SCHEMA_FILE` (above) to add multiple schema files. Default: **/schemas** -* `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**. -* `LDAP_ALLOW_ANON_BINDING`: Allow anonymous bindings to the LDAP server. Default: **yes**. -* `LDAP_LOGLEVEL`: Set the loglevel for the OpenLDAP server (see for possible values). Default: **256**. -* `LDAP_PASSWORD_HASH`: Hash to be used in generation of user passwords. Must be one of {SSHA}, {SHA}, {SMD5}, {MD5}, {CRYPT}, and {CLEARTEXT}. Default: **{SSHA}**. -* `LDAP_CONFIGURE_PPOLICY`: Enables the ppolicy module and creates an empty configuration. Default: **no**. -* `LDAP_PPOLICY_USE_LOCKOUT`: Whether bind attempts to locked accounts will always return an error. Will only be applied with `LDAP_CONFIGURE_PPOLICY` active. Default: **no**. -* `LDAP_PPOLICY_HASH_CLEARTEXT`: Whether plaintext passwords should be hashed automatically. Will only be applied with `LDAP_CONFIGURE_PPOLICY` active. Default: **no**. +- `LDAP_PORT_NUMBER`: The port OpenLDAP is listening for requests. Priviledged port is supported (e.g. `389`). Default: **1389** (non privileged port). +- `LDAP_ROOT`: LDAP baseDN (or suffix) of the LDAP tree. Default: **dc=example,dc=org** +- `LDAP_ADMIN_USERNAME`: LDAP database admin user. Default: **admin** +- `LDAP_ADMIN_PASSWORD`: LDAP database admin password. Default: **adminpassword** +- `LDAP_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP database admin user password. This will override the value specified in `LDAP_ADMIN_PASSWORD`. No defaults. +- `LDAP_CONFIG_ADMIN_ENABLED`: Whether to create a configuration admin user. Default: **no**. +- `LDAP_CONFIG_ADMIN_USERNAME`: LDAP configuration admin user. This is separate from `LDAP_ADMIN_USERNAME`. Default: **admin**. +- `LDAP_CONFIG_ADMIN_PASSWORD`: LDAP configuration admin password. Default: **configpassword**. +- `LDAP_CONFIG_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP configuration admin user password. This will override the value specified in `LDAP_CONFIG_ADMIN_PASSWORD`. No defaults. +- `LDAP_USERS`: Comma separated list of LDAP users to create in the default LDAP tree. Default: **user01,user02** +- `LDAP_PASSWORDS`: Comma separated list of passwords to use for LDAP users. Default: **bitnami1,bitnami2** +- `LDAP_USER_OU`: Name for the user's organizational unit. Default: **users** +- `LDAP_GROUP_OU`: Name for the group's organizational unit. Default: **groups** +- `LDAP_USER_DC`: DC for the users' organizational unit. **DEPRECATED** Please use `LDAP_USER_OU` and `LDAP_GROUP_OU` instead. +- `LDAP_GROUP`: Group used to group created users. Default: **readers** +- `LDAP_ADD_SCHEMAS`: Whether to add the schemas specified in `LDAP_EXTRA_SCHEMAS`. Default: **yes** +- `LDAP_EXTRA_SCHEMAS`: Extra schemas to add, among OpenLDAP's distributed schemas. Default: **cosine, inetorgperson, nis** +- `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. Please note that this will **not** skip the addition of schemas or importing of LDIF files. Default: **no** +- `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files. Default: **/ldifs** +- `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**" +- `LDAP_CUSTOM_SCHEMA_DIR`: Location of a directory containing custom internal schema files that could not be added as custom ldif files (i.e. containing some `structuralObjectClass`). This can be used in addition to or instead of `LDAP_CUSTOM_SCHEMA_FILE` (above) to add multiple schema files. Default: **/schemas** +- `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**. +- `LDAP_ALLOW_ANON_BINDING`: Allow anonymous bindings to the LDAP server. Default: **yes**. +- `LDAP_LOGLEVEL`: Set the loglevel for the OpenLDAP server (see for possible values). Default: **256**. +- `LDAP_PASSWORD_HASH`: Hash to be used in generation of user passwords. Must be one of {SSHA}, {SHA}, {SMD5}, {MD5}, {CRYPT}, and {CLEARTEXT}. Default: **{SSHA}**. +- `LDAP_CONFIGURE_PPOLICY`: Enables the ppolicy module and creates an empty configuration. Default: **no**. +- `LDAP_PPOLICY_USE_LOCKOUT`: Whether bind attempts to locked accounts will always return an error. Will only be applied with `LDAP_CONFIGURE_PPOLICY` active. Default: **no**. +- `LDAP_PPOLICY_HASH_CLEARTEXT`: Whether plaintext passwords should be hashed automatically. Will only be applied with `LDAP_CONFIGURE_PPOLICY` active. Default: **no**. You can bootstrap the contents of your database by putting LDIF files in the directory `/ldifs` (or the one you define in `LDAP_CUSTOM_LDIF_DIR`). Those may only contain content underneath your base DN (set by `LDAP_ROOT`). You can **not** set configuration for e.g. `cn=config` in those files. @@ -219,23 +224,23 @@ Overlays are dynamic modules that can be added to an OpenLDAP server to extend o This overlay can record accesses to a given backend database on another database. -* `LDAP_ENABLE_ACCESSLOG`: Enables the accesslog module with the following configuration defaults unless specified otherwise. Default: **no**. -* `LDAP_ACCESSLOG_ADMIN_USERNAME`: Admin user for accesslog database. Default: **admin**. -* `LDAP_ACCESSLOG_ADMIN_PASSWORD`: Admin password for accesslog database. Default: **accesspassword**. -* `LDAP_ACCESSLOG_DB`: The DN (Distinguished Name) of the database where the access log entries will be stored. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **cn=accesslog**. -* `LDAP_ACCESSLOG_LOGOPS`: Specify which types of operations to log. Valid aliases for common sets of operations are: writes, reads, session or all. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **writes**. -* `LDAP_ACCESSLOG_LOGSUCCESS`: Whether successful operations should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **TRUE**. -* `LDAP_ACCESSLOG_LOGPURGE`: When and how often old access log entries should be purged. Format `"dd+hh:mm"`. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **07+00:00 01+00:00**. -* `LDAP_ACCESSLOG_LOGOLD`: An LDAP filter that determines which entries should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **(objectClass=*)**. -* `LDAP_ACCESSLOG_LOGOLDATTR`: Specifies an attribute that should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **objectClass**. +- `LDAP_ENABLE_ACCESSLOG`: Enables the accesslog module with the following configuration defaults unless specified otherwise. Default: **no**. +- `LDAP_ACCESSLOG_ADMIN_USERNAME`: Admin user for accesslog database. Default: **admin**. +- `LDAP_ACCESSLOG_ADMIN_PASSWORD`: Admin password for accesslog database. Default: **accesspassword**. +- `LDAP_ACCESSLOG_DB`: The DN (Distinguished Name) of the database where the access log entries will be stored. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **cn=accesslog**. +- `LDAP_ACCESSLOG_LOGOPS`: Specify which types of operations to log. Valid aliases for common sets of operations are: writes, reads, session or all. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **writes**. +- `LDAP_ACCESSLOG_LOGSUCCESS`: Whether successful operations should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **TRUE**. +- `LDAP_ACCESSLOG_LOGPURGE`: When and how often old access log entries should be purged. Format `"dd+hh:mm"`. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **07+00:00 01+00:00**. +- `LDAP_ACCESSLOG_LOGOLD`: An LDAP filter that determines which entries should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **(objectClass=*)**. +- `LDAP_ACCESSLOG_LOGOLDATTR`: Specifies an attribute that should be logged. Will only be applied with `LDAP_ENABLE_ACCESSLOG` active. Default: **objectClass**. Check the official page [OpenLDAP, Overlays, Access Logging](https://www.openldap.org/doc/admin26/overlays.html#Access%20Logging) for detailed configuration information. #### Sync Provider -* `LDAP_ENABLE_SYNCPROV`: Enables the syncrepl module with the following configuration defaults unless specified otherwise. Default: **no**. -* `LDAP_SYNCPROV_CHECKPPOINT`: For every 100 operations or 10 minutes, which ever is sooner, the contextCSN will be checkpointed. Will only be applied with `LDAP_ENABLE_SYNCPROV` active. Default: **100 10**. -* `LDAP_SYNCPROV_SESSIONLOG`: The maximum number of session log entries the session log can record. Will only be applied with `LDAP_ENABLE_SYNCPROV` active. Default: **100**. +- `LDAP_ENABLE_SYNCPROV`: Enables the syncrepl module with the following configuration defaults unless specified otherwise. Default: **no**. +- `LDAP_SYNCPROV_CHECKPPOINT`: For every 100 operations or 10 minutes, which ever is sooner, the contextCSN will be checkpointed. Will only be applied with `LDAP_ENABLE_SYNCPROV` active. Default: **100 10**. +- `LDAP_SYNCPROV_SESSIONLOG`: The maximum number of session log entries the session log can record. Will only be applied with `LDAP_ENABLE_SYNCPROV` active. Default: **100**. Check the official page [OpenLDAP, Overlays, Sync Provider](https://www.openldap.org/doc/admin26/overlays.html#Sync%20Provider) for detailed configuration information. @@ -278,13 +283,13 @@ Check the official page [OpenLDAP, Overlays, Dynamic Lists](https://www.openldap OpenLDAP clients and servers are capable of using the Transport Layer Security (TLS) framework to provide integrity and confidentiality protections and to support LDAP authentication using the SASL EXTERNAL mechanism. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `LDAP_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `LDAP_REQUIRE_TLS`: Whether connections must use TLS. Will only be applied with `LDAP_ENABLE_TLS` active. Defaults to `no`. -* `LDAP_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic. Priviledged port is supported (e.g. `636`). Default: **1636** (non privileged port). -* `LDAP_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `LDAP_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `LDAP_TLS_CA_FILE`: File containing the CA of the certificate. No defaults. -* `LDAP_TLS_DH_PARAMS_FILE`: File containing the DH parameters. No defaults. +- `LDAP_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `LDAP_REQUIRE_TLS`: Whether connections must use TLS. Will only be applied with `LDAP_ENABLE_TLS` active. Defaults to `no`. +- `LDAP_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic. Priviledged port is supported (e.g. `636`). Default: **1636** (non privileged port). +- `LDAP_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `LDAP_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `LDAP_TLS_CA_FILE`: File containing the CA of the certificate. No defaults. +- `LDAP_TLS_DH_PARAMS_FILE`: File containing the DH parameters. No defaults. This new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To use TLS you can use the URI `ldaps://openldap:1636` or use the non-TLS URI forcing ldap to use TLS `ldap://openldap:1389 -ZZ`. @@ -325,9 +330,9 @@ This new feature is not mutually exclusive, which means it is possible to listen OpenLDAP supports the HAProxy proxy protocol version 2 to detect real client IP that is masked when server runs behind load balancer. You can enable and configure this feature with the following environment variables: -* `LDAP_ENABLE_PROXYPROTO`: Whether to enable proxy protocol support for traffic or not. Defaults to `no`. -* `LDAP_PROXYPROTO_PORT_NUMBER`: The port OpenLDAP is listening for requests that is wrapped in proxy protocol. Default: the **LDAP_PORT_NUMBER** value. -* `LDAP_PROXYPROTO_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic that is wrapped in proxy protocol. Default: the **LDAP_LDAPS_PORT_NUMBER** value. +- `LDAP_ENABLE_PROXYPROTO`: Whether to enable proxy protocol support for traffic or not. Defaults to `no`. +- `LDAP_PROXYPROTO_PORT_NUMBER`: The port OpenLDAP is listening for requests that is wrapped in proxy protocol. Default: the **LDAP_PORT_NUMBER** value. +- `LDAP_PROXYPROTO_LDAPS_PORT_NUMBER`: Port used for TLS secure traffic that is wrapped in proxy protocol. Default: the **LDAP_LDAPS_PORT_NUMBER** value. Enabling this feature will replace regular and TLS ports with proxy protocol capable analogs. To use both port types, set **LDAP_PROXYPROTO_PORT_NUMBER** to some different value than **LDAP_PORT_NUMBER**. The same statement applied to **LDAP_PROXYPROTO_LDAPS_PORT_NUMBER** and **LDAP_LDAPS_PORT_NUMBER** pair. @@ -393,7 +398,7 @@ docker run --name openldap bitnami/openldap:latest ### 2.4.58-debian-10-r93 -* The default database backend has been changed from `hdb` to `mdb` as recommended. No additional steps should be necessary at upgrade time; the new container version `2.4.59` will initialize using the persisted data. +- The default database backend has been changed from `hdb` to `mdb` as recommended. No additional steps should be necessary at upgrade time; the new container version `2.4.59` will initialize using the persisted data. ## Using `docker-compose.yaml` diff --git a/bitnami/openresty/1.25/README.md b/bitnami/openresty/1.25/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/openresty/1.25/README.md +++ b/bitnami/openresty/1.25/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/openresty/1.27/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/openresty/1.27/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/openresty/1.27/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/openresty/1.27/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/openresty/README.md b/bitnami/openresty/README.md index 08c80ebafa4c..06f4e50b7ac6 100644 --- a/bitnami/openresty/README.md +++ b/bitnami/openresty/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name openresty bitnami/openresty:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OpenResty in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use OpenResty in production? Try [VMware Tanzu Application Catalog](h Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -236,7 +241,7 @@ Additionally, you can install your custom Lua modules using [your custom init sc The [module ngx_http_dav_module](https://nginx.org/en/docs/http/ngx_http_dav_module.html) is intended for file management automation via the WebDAV protocol. In current Bitnami images, this module is built as a dynamic module located under the `/opt/bitnami/openresty/nginx/modules` directory. You will need to load it in your configuration for you to be able to use its directives. -``` +```text load_module /opt/bitnami/openresty/nginx/modules/ngx_http_dav_module.so; ``` @@ -264,7 +269,7 @@ server { **Further Reading:** -* [NGINX reverse proxy](http://nginx.com/resources/admin-guide/reverse-proxy/) +- [NGINX reverse proxy](http://nginx.com/resources/admin-guide/reverse-proxy/) ## Logging @@ -284,11 +289,11 @@ The Bitnami OpenResty Docker image is designed to be extended so it can be used Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the port used by OpenResty for HTTP setting the environment variable `OPENRESTY_HTTP_PORT_NUMBER`. -* [Initializing a new instance](#initializing-a-new-instance) -* [Adding custom server blocks](#adding-custom-server-blocks). -* [Replacing the 'nginx.conf' file](#full-configuration). -* [Using custom SSL certificates](#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the port used by OpenResty for HTTP setting the environment variable `OPENRESTY_HTTP_PORT_NUMBER`. +- [Initializing a new instance](#initializing-a-new-instance) +- [Adding custom server blocks](#adding-custom-server-blocks). +- [Replacing the 'nginx.conf' file](#full-configuration). +- [Using custom SSL certificates](#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -300,10 +305,10 @@ FROM bitnami/openresty Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the OpenResty configuration file -* Modify the ports used by OpenResty -* Change the user that runs the container +- Install the `vim` editor +- Modify the OpenResty configuration file +- Modify the ports used by OpenResty +- Change the user that runs the container ```Dockerfile FROM bitnami/openresty @@ -364,11 +369,11 @@ docker run --name nginx bitnami/openresty:latest ### Starting February 10, 2025 -* The [module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol, has been converted into a dynamic module. +- The [module ngx_http_dav_module](http://nginx.org/en/docs/http/ngx_http_dav_module.html), WebDAV protocol, has been converted into a dynamic module. ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/opensearch-dashboards/2/README.md b/bitnami/opensearch-dashboards/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/opensearch-dashboards/2/README.md +++ b/bitnami/opensearch-dashboards/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/opensearch-dashboards/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/opensearch-dashboards/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/opensearch-dashboards/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/opensearch-dashboards/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/opensearch-dashboards/README.md b/bitnami/opensearch-dashboards/README.md index 9fa96ef472aa..9b703a4d8dc8 100644 --- a/bitnami/opensearch-dashboards/README.md +++ b/bitnami/opensearch-dashboards/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name opensearch-dashboards bitnami/opensearch-dashboards:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OpenSearch Dashboards in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -156,7 +161,7 @@ Check the [official OpenSearch Dashboards documentation](https://opensearch.org/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/opensearch/2/README.md b/bitnami/opensearch/2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/opensearch/2/README.md +++ b/bitnami/opensearch/2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/opensearch/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/opensearch/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/opensearch/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/opensearch/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/opensearch/README.md b/bitnami/opensearch/README.md index a36b132d82aa..fede5cee6507 100644 --- a/bitnami/opensearch/README.md +++ b/bitnami/opensearch/README.md @@ -15,14 +15,25 @@ docker run --name opensearch bitnami/opensearch:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OpenSearch in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -277,7 +282,7 @@ docker-compose up -d When you start the opensearch image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For Docker Compose, add the variable name and value under the application section: +- For Docker Compose, add the variable name and value under the application section: ```yaml opensearch: @@ -287,7 +292,7 @@ opensearch: ... ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console $ docker run -d --name opensearch \ @@ -301,17 +306,17 @@ opensearch: A cluster can easily be setup with the Bitnami OpenSearch Docker Image using the following environment variables: -* `OPENSEARCH_CLUSTER_NAME`: The OpenSearch Cluster Name. Default: **opensearch-cluster** -* `OPENSEARCH_CLUSTER_HOSTS`: List of opensearch hosts to set the cluster. Available separators are ' ', ',' and ';'. No defaults. -* `OPENSEARCH_CLIENT_NODE`: OpenSearch node to behave as a 'smart router' for Kibana app. Default: **false** -* `OPENSEARCH_NODE_NAME`: OpenSearch node name. No defaults. -* `OPENSEARCH_MINIMUM_MASTER_NODES`: Minimum OpenSearch master nodes for a quorum. No defaults. +- `OPENSEARCH_CLUSTER_NAME`: The OpenSearch Cluster Name. Default: **opensearch-cluster** +- `OPENSEARCH_CLUSTER_HOSTS`: List of opensearch hosts to set the cluster. Available separators are ' ', ',' and ';'. No defaults. +- `OPENSEARCH_CLIENT_NODE`: OpenSearch node to behave as a 'smart router' for Kibana app. Default: **false** +- `OPENSEARCH_NODE_NAME`: OpenSearch node name. No defaults. +- `OPENSEARCH_MINIMUM_MASTER_NODES`: Minimum OpenSearch master nodes for a quorum. No defaults. For larger cluster, you can setup 'dedicated nodes' using the following environment variables: -* `OPENSEARCH_IS_DEDICATED_NODE`: OpenSearch node to behave as a 'dedicated node'. Default: **no** -* `OPENSEARCH_NODE_TYPE`: OpenSearch node type when behaving as a 'dedicated node'. Valid values: *master*, *data*, *coordinating* or *ingest*. -* `OPENSEARCH_CLUSTER_MASTER_HOSTS`: List of opensearch master-eligible hosts. Available separators are ' ', ',' and ';'. If no values are provided, it will have the same value as `OPENSEARCH_CLUSTER_HOSTS`. +- `OPENSEARCH_IS_DEDICATED_NODE`: OpenSearch node to behave as a 'dedicated node'. Default: **no** +- `OPENSEARCH_NODE_TYPE`: OpenSearch node type when behaving as a 'dedicated node'. Valid values: *master*, *data*, *coordinating* or *ingest*. +- `OPENSEARCH_CLUSTER_MASTER_HOSTS`: List of opensearch master-eligible hosts. Available separators are ' ', ',' and ';'. If no values are provided, it will have the same value as `OPENSEARCH_CLUSTER_HOSTS`. Find more information about 'dedicated nodes' in the [official documentation](https://www.elastic.co/guide/en/opensearch/reference/current/modules-node.html). @@ -526,11 +531,11 @@ We'd love for you to contribute to this Docker image. You can request new featur If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new/choose). For us to provide better support, be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/oras/README.md b/bitnami/oras/README.md index 8e87eae7d5da..9ce480c082ac 100644 --- a/bitnami/oras/README.md +++ b/bitnami/oras/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name oras bitnami/oras:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ORAS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use ORAS in production? Try [VMware Tanzu Application Catalog](https: Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official ORAS documentation](https://oras.land/cli/) for a list of th ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/os-shell/README.md b/bitnami/os-shell/README.md index da92e94a5e3c..e06fa98b616b 100644 --- a/bitnami/os-shell/README.md +++ b/bitnami/os-shell/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name os-shell bitnami/os-shell:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use OS Shell + Utility in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ docker run --rm --name os-shell bitnami/os-shell:latest echo hello world ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/parse-dashboard/7/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/parse-dashboard/7/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/parse-dashboard/7/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/parse-dashboard/7/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/parse-dashboard/README.md b/bitnami/parse-dashboard/README.md index ee55607c319f..bfc463351dc9 100644 --- a/bitnami/parse-dashboard/README.md +++ b/bitnami/parse-dashboard/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name parse-dashboard bitnami/parse-dashboard:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Parse Dashboard in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Parse Dashboard in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -140,7 +145,7 @@ Bitnami provides up-to-date versions of Parse Dashboard, including security patc 2. Stop your container - * `$ docker stop parse-dashboard` + - `$ docker stop parse-dashboard` 3. Take a snapshot of the application state @@ -154,11 +159,11 @@ Bitnami provides up-to-date versions of Parse Dashboard, including security patc 4. Remove the currently running container - * `$ docker rm parse-dashboard` + - `$ docker rm parse-dashboard` 5. Run the new image - * Mount the directories if needed: `docker run --name parse-dashboard bitnami/parse-dashboard:latest` + - Mount the directories if needed: `docker run --name parse-dashboard bitnami/parse-dashboard:latest` ## Configuration @@ -207,7 +212,7 @@ parse-dashboard: ... ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console docker run -d -e PARSE_DASHBOARD_PASSWORD=my_password -p 80:4040 --name parse-dashboard -v /your/local/path/bitnami/parse_dashboard:/bitnami --network=parse_dashboard-tier bitnami/parse-dashboard @@ -217,16 +222,16 @@ parse-dashboard: ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 2.1.0-debian-10-r328 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. ### 1.2.0-r69 -* The Parse Dashboard container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Parse Dashboard daemon was started as the `parsedashboard` user. From now on, both the container and the Parse Dashboard daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Parse Dashboard container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Parse Dashboard daemon was started as the `parsedashboard` user. From now on, both the container and the Parse Dashboard daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Contributing diff --git a/bitnami/parse/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/parse/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/parse/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/parse/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/parse/README.md b/bitnami/parse/README.md index 15de0709460e..2cba05d7dd3d 100644 --- a/bitnami/parse/README.md +++ b/bitnami/parse/README.md @@ -15,14 +15,25 @@ docker run --name parse bitnami/parse:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Parse Server in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -166,8 +171,8 @@ Bitnami provides up-to-date versions of Mongodb and Parse, including security pa 2. Stop your container - * For docker-compose: `$ docker-compose stop parse` - * For manual execution: `$ docker stop parse` + - For docker-compose: `$ docker-compose stop parse` + - For manual execution: `$ docker stop parse` 3. Take a snapshot of the application state @@ -181,13 +186,13 @@ Bitnami provides up-to-date versions of Mongodb and Parse, including security pa 4. Remove the currently running container - * For docker-compose: `$ docker-compose rm parse` - * For manual execution: `$ docker rm parse` + - For docker-compose: `$ docker-compose rm parse` + - For manual execution: `$ docker rm parse` 5. Run the new image - * For docker-compose: `$ docker-compose up parse` - * For manual execution (mount the directories if needed): `docker run --name parse bitnami/parse:latest` + - For docker-compose: `$ docker-compose up parse` + - For manual execution (mount the directories if needed): `docker run --name parse bitnami/parse:latest` ## Configuration @@ -230,7 +235,7 @@ Bitnami provides up-to-date versions of Mongodb and Parse, including security pa When you start the parse image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/parse/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/parse/docker-compose.yml) file present in this repository: ```yaml parse: @@ -240,7 +245,7 @@ parse: ... ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console docker run -d -e PARSE_HOST=my_host -p 1337:1337 --name parse -v /your/local/path/bitnami/parse:/bitnami --network=parse_network bitnami/parse @@ -250,7 +255,7 @@ parse: You can use Cloud Code to run a piece of code in your Parse Server instead of the user's mobile devices. To run your Cloud functions using this image, follow the steps below: -* Create a directory on your host machine and put your Cloud functions on it. In the example below, a simple "Hello world!" function is used: +- Create a directory on your host machine and put your Cloud functions on it. In the example below, a simple "Hello world!" function is used: ```console $ mkdir ~/cloud @@ -261,7 +266,7 @@ Parse.Cloud.define("sayHelloWorld", function(request, response) { EOF ``` -* Mount the directory as a data volume at the `/opt/bitnami/parse/cloud` path on your Parse Container and set the environment variable `PARSE_ENABLE_CLOUD_CODE` to `yes`. You can use the `docker-compose.yml` below: +- Mount the directory as a data volume at the `/opt/bitnami/parse/cloud` path on your Parse Container and set the environment variable `PARSE_ENABLE_CLOUD_CODE` to `yes`. You can use the `docker-compose.yml` below: > NOTE: In the example below, Parse Dashboard is also deployed. @@ -300,15 +305,15 @@ volumes: driver: local ``` -* Use the `docker-compose` tool to deploy Parse and Parse Dashboard: +- Use the `docker-compose` tool to deploy Parse and Parse Dashboard: ```console docker-compose up -d ``` -* Once both Parse and Parse Dashboard are running, access Parse Dashboard and browse to 'My Dashboard -> API Console'. -* Then, send a 'test query' of type 'POST' using 'functions/sayHelloWorld' as endpoint. Ensure you activate the 'Master Key' parameter. -* Everything should be working now and you should receive a 'Hello World' message in the results. +- Once both Parse and Parse Dashboard are running, access Parse Dashboard and browse to 'My Dashboard -> API Console'. +- Then, send a 'test query' of type 'POST' using 'functions/sayHelloWorld' as endpoint. Ensure you activate the 'Master Key' parameter. +- Everything should be working now and you should receive a 'Hello World' message in the results. Find more information about Cloud Code and Cloud functions in the [official documentation](https://docs.parseplatform.org/cloudcode/guide/). @@ -316,16 +321,16 @@ Find more information about Cloud Code and Cloud functions in the [official docu ### 4.9.3 -* This version was released from an incorrect version tag from the upstream Parse repositories. Parse developers have reported issues in some functionalities, though no concerns in regards to privacy, security, or legality were found. As such, we strongly recommend updating this version as soon as possible. You can find more information in [Parse 4.10.0 Release Notes](https://github.com/parse-community/parse-server/releases/tag/4.10.0) +- This version was released from an incorrect version tag from the upstream Parse repositories. Parse developers have reported issues in some functionalities, though no concerns in regards to privacy, security, or legality were found. As such, we strongly recommend updating this version as soon as possible. You can find more information in [Parse 4.10.0 Release Notes](https://github.com/parse-community/parse-server/releases/tag/4.10.0) ### 4.9.3-debian-10-r161 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. ### 3.1.2-r14 -* The Parse container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Parse daemon was started as the `parse` user. From now on, both the container and the Parse daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Parse container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Parse daemon was started as the `parse` user. From now on, both the container and the Parse daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Contributing diff --git a/bitnami/percona-mysql/8.0/README.md b/bitnami/percona-mysql/8.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/percona-mysql/8.0/README.md +++ b/bitnami/percona-mysql/8.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/percona-mysql/8.1/README.md b/bitnami/percona-mysql/8.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/percona-mysql/8.1/README.md +++ b/bitnami/percona-mysql/8.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/percona-mysql/8.2/README.md b/bitnami/percona-mysql/8.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/percona-mysql/8.2/README.md +++ b/bitnami/percona-mysql/8.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/percona-mysql/8.3/README.md b/bitnami/percona-mysql/8.3/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/percona-mysql/8.3/README.md +++ b/bitnami/percona-mysql/8.3/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/percona-mysql/8.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/percona-mysql/8.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/percona-mysql/8.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/percona-mysql/8.4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/percona-mysql/README.md b/bitnami/percona-mysql/README.md index e60545fa4937..460cd3159a48 100644 --- a/bitnami/percona-mysql/README.md +++ b/bitnami/percona-mysql/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name percona-mysql bitnami/percona-mysql:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Percona Server for MySQL in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/pgbouncer/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/pgbouncer/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/pgbouncer/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/pgbouncer/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/pgbouncer/README.md b/bitnami/pgbouncer/README.md index ed81141eaa0f..1b5ce283541a 100644 --- a/bitnami/pgbouncer/README.md +++ b/bitnami/pgbouncer/README.md @@ -15,14 +15,25 @@ docker run --name pgbouncer bitnami/pgbouncer:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PgBouncer in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use PgBouncer in production? Try [VMware Tanzu Application Catalog](h Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -179,7 +184,7 @@ docker run --name pgbouncer \ ### Exposed database -* `PGBOUNCER_DATABASE`: PgBouncer exposed database. Default: **postgres**. +- `PGBOUNCER_DATABASE`: PgBouncer exposed database. Default: **postgres**. In case you'd like pgbouncer to expose your database with a different name, you can use the `PGBOUNCER_DATABASE` variable. To expose the same database name as the backend, set `PGBOUNCER_DATABASE="$POSTGRESQL_DATABASE"`. @@ -210,18 +215,18 @@ pgbouncer: PgBouncer supports the encryption of connections using the SSL/TLS protocol. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `PGBOUNCER_CLIENT_TLS_SSLMODE`: TLS traffic settings. Defaults to `disable`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `client_tls_sslmode`. -* `PGBOUNCER_CLIENT_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `PGBOUNCER_CLIENT_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `PGBOUNCER_CLIENT_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PgBouncer will authenticate TLS/SSL clients by requesting them a certificate . No defaults. -* `PGBOUNCER_CLIENT_TLS_CIPHERS`: TLS ciphers to be used. Defaults to `fast`.Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `client_tls_ciphers`. +- `PGBOUNCER_CLIENT_TLS_SSLMODE`: TLS traffic settings. Defaults to `disable`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `client_tls_sslmode`. +- `PGBOUNCER_CLIENT_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `PGBOUNCER_CLIENT_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `PGBOUNCER_CLIENT_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PgBouncer will authenticate TLS/SSL clients by requesting them a certificate . No defaults. +- `PGBOUNCER_CLIENT_TLS_CIPHERS`: TLS ciphers to be used. Defaults to `fast`.Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `client_tls_ciphers`. -* `PGBOUNCER_SERVER_TLS_SSLMODE`: Server TLS traffic settings. Defaults to `disable`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_sslmode`. -* `PGBOUNCER_SERVER_TLS_KEY_FILE`: File containing the key to authenticate against PostgreSQL server. No defaults. -* `PGBOUNCER_SERVER_TLS_CERT_FILE`: File containing the certificate associated to previous private key. PostgreSQL server can validate it. No defaults. -* `PGBOUNCER_SERVER_TLS_CA_FILE`: File containing the CA of the server certificate. If provided, PgBouncer will authenticate TLS/SSL clients by requesting them a certificate . No defaults. -* `PGBOUNCER_SERVER_TLS_PROTOCOLS`: TLS protocols to be used in server connection. Defaults to `secure`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_protocols`. -* `PGBOUNCER_SERVER_TLS_CIPHERS`: TLS ciphers to be used in server connection. Defaults to `fast`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_ciphers`. +- `PGBOUNCER_SERVER_TLS_SSLMODE`: Server TLS traffic settings. Defaults to `disable`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_sslmode`. +- `PGBOUNCER_SERVER_TLS_KEY_FILE`: File containing the key to authenticate against PostgreSQL server. No defaults. +- `PGBOUNCER_SERVER_TLS_CERT_FILE`: File containing the certificate associated to previous private key. PostgreSQL server can validate it. No defaults. +- `PGBOUNCER_SERVER_TLS_CA_FILE`: File containing the CA of the server certificate. If provided, PgBouncer will authenticate TLS/SSL clients by requesting them a certificate . No defaults. +- `PGBOUNCER_SERVER_TLS_PROTOCOLS`: TLS protocols to be used in server connection. Defaults to `secure`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_protocols`. +- `PGBOUNCER_SERVER_TLS_CIPHERS`: TLS ciphers to be used in server connection. Defaults to `fast`. Check the [official PgBouncer documentation](https://www.pgbouncer.org/config.html) for the available values for `server_tls_ciphers`. When enabling TLS, PgBouncer will support both standard and encrypted traffic by default but prefer the latter. Below there are some examples of how to quickly set up client TLS traffic: diff --git a/bitnami/pgpool/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/pgpool/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/pgpool/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/pgpool/4/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/pgpool/README.md b/bitnami/pgpool/README.md index 8b9858bff43c..7954ca2da4b5 100644 --- a/bitnami/pgpool/README.md +++ b/bitnami/pgpool/README.md @@ -17,14 +17,25 @@ docker run --name pgpool bitnami/pgpool:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Pgpool-II in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -36,12 +47,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -239,69 +244,69 @@ A HA PostgreSQL cluster with Pgpool, [Streaming replication](https://www.postgre Pgpool configuration: -* `PGPOOL_PASSWORD_FILE`: Path to a file that contains the password for the custom user set in the `PGPOOL_USERNAME` environment variable. This will override the value specified in `PGPOOL_PASSWORD`. No defaults. -* `PGPOOL_SR_CHECK_PERIOD`: Specifies the time interval in seconds to check the streaming replication delay. Defaults to `30`. -* `PGPOOL_SR_CHECK_USER`: Username to use to perform streaming checks. This is the user that is used to check that streaming replication is working. Typically, this is the user owner of the 'repmgr' database. No defaults. -* `PGPOOL_SR_CHECK_PASSWORD`: Password to use to perform streaming checks. No defaults. -* `PGPOOL_SR_CHECK_PASSWORD_FILE`: Path to a file that contains the password to use to perform streaming checks. This will override the value specified in `PGPOOL_SR_CHECK_PASSWORD`. No defaults. -* `PGPOOL_SR_CHECK_DATABASE`: Database to use to perform streaming checks. Defaults to `postgres`. -* `PGPOOL_BACKEND_NODES`: Comma separated list of backend nodes in the cluster. No defaults. -* `PGPOOL_ENABLE_LDAP`: Whether to enable LDAP authentication. Defaults to `no`. -* `PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE`: Specify load balance behavior after write queries appear ('off', 'transaction', 'trans_transaction', 'always'). Defaults to 'transaction' -* `PGPOOL_ENABLE_LOAD_BALANCING`: Whether to enable Load-Balancing mode. Defaults to `yes`. -* `PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING`: Whether to decide the load balancing node for each read query. Defaults to `no`. -* `PGPOOL_ENABLE_POOL_HBA`: Whether to use the pool_hba.conf authentication. Defaults to `yes`. -* `PGPOOL_ENABLE_POOL_PASSWD`: Whether to use a password file specified by `PGPOOL_PASSWD_FILE` for authentication. Defaults to `yes`. -* `PGPOOL_PASSWD_FILE`: The password file for authentication. Defaults to `pool_passwd`. -* `PGPOOL_NUM_INIT_CHILDREN`: The number of preforked Pgpool-II server processes. It is also the concurrent connections limit to Pgpool-II from clients. Defaults to `32`. -* `PGPOOL_RESERVED_CONNECTIONS`: When this parameter is set to 1 or greater, incoming connections from clients are not accepted with error message "Sorry, too many clients already", rather than blocked if the number of current connections from clients is more than (num_init_children - reserved_connections). Defaults to `0`. -* `PGPOOL_MAX_POOL`: The maximum number of cached connections in each child process. Defaults to `15`. -* `PGPOOL_CHILD_MAX_CONNECTIONS`: Specifies the lifetime of a Pgpool-II child process in terms of the number of client connections it can receive. Pgpool-II will terminate the child process after it has served child_max_connections client connections and will immediately spawn a new child process to take its place. Defaults to `0` which turns off the feature. -* `PGPOOL_CHILD_LIFE_TIME`: The time in seconds to terminate a Pgpool-II child process if it remains idle. Defaults to `300`. -* `PGPOOL_CLIENT_IDLE_LIMIT`: The time in seconds to disconnect a client if it remains idle since the last query. Defaults to `0` which turns off the feature. -* `PGPOOL_CONNECTION_LIFE_TIME`: The time in seconds to terminate the cached connections to the PostgreSQL backend. Defaults to `0` which turns off the feature. -* `PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT`: Log every SQL statement for each DB node separately. Defaults to `no`. -* `PGPOOL_ENABLE_LOG_CONNECTIONS`: Log all client connections. Defaults to `no`. -* `PGPOOL_ENABLE_LOG_HOSTNAME`: Log the client hostname instead of IP address. Defaults to `no`. -* `PGPOOL_LOG_LINE_PREFIX`: Define the format of the log entry lines. Find in the [official Pgpool documentation](https://www.pgpool.net/docs/latest/en/html/runtime-config-logging.html) the string parameters. No defaults. -* `PGPOOL_CLIENT_MIN_MESSAGES`: Set the minimum message levels are sent to the client. Find in the [official Pgpool documentation](https://www.pgpool.net/docs/latest/en/html/runtime-config-logging.html) the supported values. Defaults to `notice`. -* `PGPOOL_POSTGRES_USERNAME`: Postgres administrator user name, this will be use to allow postgres admin authentication through Pgpool. -* `PGPOOL_POSTGRES_PASSWORD`: Password for the user set in `PGPOOL_POSTGRES_USERNAME` environment variable. No defaults. -* `PGPOOL_ADMIN_USERNAME`: Username for the pgpool administrator. No defaults. -* `PGPOOL_ADMIN_PASSWORD`: Password for the user set in `PGPOOL_ADMIN_USERNAME` environment variable. No defaults. -* `PGPOOL_HEALTH_CHECK_USER`: Specifies the PostgreSQL user name to perform health check. Defaults to value set in `PGPOOL_SR_CHECK_USER`. -* `PGPOOL_HEALTH_CHECK_PASSWORD`: Specifies the PostgreSQL user password to perform health check. Defaults to value set in `PGPOOL_SR_CHECK_PASSWORD`. -* `PGPOOL_HEALTH_CHECK_PERIOD`: Specifies the interval between the health checks in seconds. Defaults to `30`. -* `PGPOOL_HEALTH_CHECK_TIMEOUT`: Specifies the timeout in seconds to give up connecting to the backend PostgreSQL if the TCP connect does not succeed within this time. Defaults to `10`. -* `PGPOOL_HEALTH_CHECK_MAX_RETRIES`: Specifies the maximum number of retries to do before giving up and initiating failover when health check fails. Defaults to `5`. -* `PGPOOL_HEALTH_CHECK_RETRY_DELAY`: Specifies the amount of time in seconds to sleep between failed health check retries. Defaults to `5`. -* `PGPOOL_CONNECT_TIMEOUT`: Specifies the amount of time in milliseconds before giving up connecting to backend using `connect()` system call. Default is `10000`. -* `PGPOOL_HEALTH_CHECK_PSQL_TIMEOUT`: Specifies the maximum amount of time in seconds function `pgpool_healthcheck()` waits for result of `show pool_nodes` command. It is set to `PGCONNECT_TIMEOUT` of respective `psql` execution. Default is `15`. -* `PGPOOL_USER_CONF_FILE`: Configuration file to be added to the generated config file. This allow to override configuration set by the initializacion process. No defaults. -* `PGPOOL_USER_HBA_FILE`: Configuration file to be added to the generated hba file. This allow to override configuration set by the initialization process. No defaults. -* `PGPOOL_POSTGRES_CUSTOM_USERS`: List of comma or semicolon separeted list of postgres usernames. This will create entries in `pgpool_passwd`. No defaults. -* `PGPOOL_POSTGRES_CUSTOM_PASSWORDS`: List of comma or semicolon separated list for postgresql user passwords. These are the corresponding passwords for the users in `PGPOOL_POSTGRES_CUSTOM_USERS`. No defaults. -* `PGPOOL_AUTO_FAILBACK`: Enables pgpool `[auto_failback](https://www.pgpool.net/docs/latest/en/html/runtime-config-failover.html)`. Default to `no`. -* `PGPOOL_BACKEND_APPLICATION_NAMES`: Comma separated list of backend nodes `application_name`. No defaults. -* `PGPOOL_AUTHENTICATION_METHOD`: Specifies the authentication method('md5', 'scram-sha-256'). Defaults to `scram-sha-256`. -* `PGPOOL_AES_KEY`: Specifies the AES encryption key used for 'scram-sha-256' passwords. Defaults to `random string`. +- `PGPOOL_PASSWORD_FILE`: Path to a file that contains the password for the custom user set in the `PGPOOL_USERNAME` environment variable. This will override the value specified in `PGPOOL_PASSWORD`. No defaults. +- `PGPOOL_SR_CHECK_PERIOD`: Specifies the time interval in seconds to check the streaming replication delay. Defaults to `30`. +- `PGPOOL_SR_CHECK_USER`: Username to use to perform streaming checks. This is the user that is used to check that streaming replication is working. Typically, this is the user owner of the 'repmgr' database. No defaults. +- `PGPOOL_SR_CHECK_PASSWORD`: Password to use to perform streaming checks. No defaults. +- `PGPOOL_SR_CHECK_PASSWORD_FILE`: Path to a file that contains the password to use to perform streaming checks. This will override the value specified in `PGPOOL_SR_CHECK_PASSWORD`. No defaults. +- `PGPOOL_SR_CHECK_DATABASE`: Database to use to perform streaming checks. Defaults to `postgres`. +- `PGPOOL_BACKEND_NODES`: Comma separated list of backend nodes in the cluster. No defaults. +- `PGPOOL_ENABLE_LDAP`: Whether to enable LDAP authentication. Defaults to `no`. +- `PGPOOL_DISABLE_LOAD_BALANCE_ON_WRITE`: Specify load balance behavior after write queries appear ('off', 'transaction', 'trans_transaction', 'always'). Defaults to 'transaction' +- `PGPOOL_ENABLE_LOAD_BALANCING`: Whether to enable Load-Balancing mode. Defaults to `yes`. +- `PGPOOL_ENABLE_STATEMENT_LOAD_BALANCING`: Whether to decide the load balancing node for each read query. Defaults to `no`. +- `PGPOOL_ENABLE_POOL_HBA`: Whether to use the pool_hba.conf authentication. Defaults to `yes`. +- `PGPOOL_ENABLE_POOL_PASSWD`: Whether to use a password file specified by `PGPOOL_PASSWD_FILE` for authentication. Defaults to `yes`. +- `PGPOOL_PASSWD_FILE`: The password file for authentication. Defaults to `pool_passwd`. +- `PGPOOL_NUM_INIT_CHILDREN`: The number of preforked Pgpool-II server processes. It is also the concurrent connections limit to Pgpool-II from clients. Defaults to `32`. +- `PGPOOL_RESERVED_CONNECTIONS`: When this parameter is set to 1 or greater, incoming connections from clients are not accepted with error message "Sorry, too many clients already", rather than blocked if the number of current connections from clients is more than (num_init_children - reserved_connections). Defaults to `0`. +- `PGPOOL_MAX_POOL`: The maximum number of cached connections in each child process. Defaults to `15`. +- `PGPOOL_CHILD_MAX_CONNECTIONS`: Specifies the lifetime of a Pgpool-II child process in terms of the number of client connections it can receive. Pgpool-II will terminate the child process after it has served child_max_connections client connections and will immediately spawn a new child process to take its place. Defaults to `0` which turns off the feature. +- `PGPOOL_CHILD_LIFE_TIME`: The time in seconds to terminate a Pgpool-II child process if it remains idle. Defaults to `300`. +- `PGPOOL_CLIENT_IDLE_LIMIT`: The time in seconds to disconnect a client if it remains idle since the last query. Defaults to `0` which turns off the feature. +- `PGPOOL_CONNECTION_LIFE_TIME`: The time in seconds to terminate the cached connections to the PostgreSQL backend. Defaults to `0` which turns off the feature. +- `PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT`: Log every SQL statement for each DB node separately. Defaults to `no`. +- `PGPOOL_ENABLE_LOG_CONNECTIONS`: Log all client connections. Defaults to `no`. +- `PGPOOL_ENABLE_LOG_HOSTNAME`: Log the client hostname instead of IP address. Defaults to `no`. +- `PGPOOL_LOG_LINE_PREFIX`: Define the format of the log entry lines. Find in the [official Pgpool documentation](https://www.pgpool.net/docs/latest/en/html/runtime-config-logging.html) the string parameters. No defaults. +- `PGPOOL_CLIENT_MIN_MESSAGES`: Set the minimum message levels are sent to the client. Find in the [official Pgpool documentation](https://www.pgpool.net/docs/latest/en/html/runtime-config-logging.html) the supported values. Defaults to `notice`. +- `PGPOOL_POSTGRES_USERNAME`: Postgres administrator user name, this will be use to allow postgres admin authentication through Pgpool. +- `PGPOOL_POSTGRES_PASSWORD`: Password for the user set in `PGPOOL_POSTGRES_USERNAME` environment variable. No defaults. +- `PGPOOL_ADMIN_USERNAME`: Username for the pgpool administrator. No defaults. +- `PGPOOL_ADMIN_PASSWORD`: Password for the user set in `PGPOOL_ADMIN_USERNAME` environment variable. No defaults. +- `PGPOOL_HEALTH_CHECK_USER`: Specifies the PostgreSQL user name to perform health check. Defaults to value set in `PGPOOL_SR_CHECK_USER`. +- `PGPOOL_HEALTH_CHECK_PASSWORD`: Specifies the PostgreSQL user password to perform health check. Defaults to value set in `PGPOOL_SR_CHECK_PASSWORD`. +- `PGPOOL_HEALTH_CHECK_PERIOD`: Specifies the interval between the health checks in seconds. Defaults to `30`. +- `PGPOOL_HEALTH_CHECK_TIMEOUT`: Specifies the timeout in seconds to give up connecting to the backend PostgreSQL if the TCP connect does not succeed within this time. Defaults to `10`. +- `PGPOOL_HEALTH_CHECK_MAX_RETRIES`: Specifies the maximum number of retries to do before giving up and initiating failover when health check fails. Defaults to `5`. +- `PGPOOL_HEALTH_CHECK_RETRY_DELAY`: Specifies the amount of time in seconds to sleep between failed health check retries. Defaults to `5`. +- `PGPOOL_CONNECT_TIMEOUT`: Specifies the amount of time in milliseconds before giving up connecting to backend using `connect()` system call. Default is `10000`. +- `PGPOOL_HEALTH_CHECK_PSQL_TIMEOUT`: Specifies the maximum amount of time in seconds function `pgpool_healthcheck()` waits for result of `show pool_nodes` command. It is set to `PGCONNECT_TIMEOUT` of respective `psql` execution. Default is `15`. +- `PGPOOL_USER_CONF_FILE`: Configuration file to be added to the generated config file. This allow to override configuration set by the initializacion process. No defaults. +- `PGPOOL_USER_HBA_FILE`: Configuration file to be added to the generated hba file. This allow to override configuration set by the initialization process. No defaults. +- `PGPOOL_POSTGRES_CUSTOM_USERS`: List of comma or semicolon separeted list of postgres usernames. This will create entries in `pgpool_passwd`. No defaults. +- `PGPOOL_POSTGRES_CUSTOM_PASSWORDS`: List of comma or semicolon separated list for postgresql user passwords. These are the corresponding passwords for the users in `PGPOOL_POSTGRES_CUSTOM_USERS`. No defaults. +- `PGPOOL_AUTO_FAILBACK`: Enables pgpool `[auto_failback](https://www.pgpool.net/docs/latest/en/html/runtime-config-failover.html)`. Default to `no`. +- `PGPOOL_BACKEND_APPLICATION_NAMES`: Comma separated list of backend nodes `application_name`. No defaults. +- `PGPOOL_AUTHENTICATION_METHOD`: Specifies the authentication method('md5', 'scram-sha-256'). Defaults to `scram-sha-256`. +- `PGPOOL_AES_KEY`: Specifies the AES encryption key used for 'scram-sha-256' passwords. Defaults to `random string`. PostgreSQL with Replication Manager: -* `POSTGRESQL_POSTGRES_PASSWORD`: Password for `postgres` user. No defaults. -* `POSTGRESQL_POSTGRES_PASSWORD_FILE`: Path to a file that contains the `postgres` user password. This will override the value specified in `POSTGRESQL_POSTGRES_PASSWORD`. No defaults. -* `POSTGRESQL_USERNAME`: Custom user to access the database. No defaults. -* `POSTGRESQL_DATABASE`: Custom database to be created on first run. No defaults. -* `POSTGRESQL_PASSWORD`: Password for the custom user set in the `POSTGRESQL_USERNAME` environment variable. No defaults. -* `POSTGRESQL_PASSWORD_FILE`: Path to a file that contains the password for the custom user set in the `POSTGRESQL_USERNAME` environment variable. This will override the value specified in `POSTGRESQL_PASSWORD`. No defaults. -* `REPMGR_USERNAME`: Username for `repmgr` user. Defaults to `repmgr`. -* `REPMGR_PASSWORD_FILE`: Path to a file that contains the `repmgr` user password. This will override the value specified in `REPMGR_PASSWORD`. No defaults. -* `REPMGR_PASSWORD`: Password for `repmgr` user. No defaults. -* `REPMGR_PRIMARY_HOST`: Hostname of the initial primary node. No defaults. -* `REPMGR_PARTNER_NODES`: Comma separated list of partner nodes in the cluster. No defaults. -* `REPMGR_NODE_NAME`: Node name. No defaults. -* `REPMGR_NODE_NETWORK_NAME`: Node hostname. No defaults. -* `POSTGRESQL_CLUSTER_APP_NAME`: Node `application_name`. In the case you are enabling auto_failback, each node needs a different name. Defaults to `walreceiver`. +- `POSTGRESQL_POSTGRES_PASSWORD`: Password for `postgres` user. No defaults. +- `POSTGRESQL_POSTGRES_PASSWORD_FILE`: Path to a file that contains the `postgres` user password. This will override the value specified in `POSTGRESQL_POSTGRES_PASSWORD`. No defaults. +- `POSTGRESQL_USERNAME`: Custom user to access the database. No defaults. +- `POSTGRESQL_DATABASE`: Custom database to be created on first run. No defaults. +- `POSTGRESQL_PASSWORD`: Password for the custom user set in the `POSTGRESQL_USERNAME` environment variable. No defaults. +- `POSTGRESQL_PASSWORD_FILE`: Path to a file that contains the password for the custom user set in the `POSTGRESQL_USERNAME` environment variable. This will override the value specified in `POSTGRESQL_PASSWORD`. No defaults. +- `REPMGR_USERNAME`: Username for `repmgr` user. Defaults to `repmgr`. +- `REPMGR_PASSWORD_FILE`: Path to a file that contains the `repmgr` user password. This will override the value specified in `REPMGR_PASSWORD`. No defaults. +- `REPMGR_PASSWORD`: Password for `repmgr` user. No defaults. +- `REPMGR_PRIMARY_HOST`: Hostname of the initial primary node. No defaults. +- `REPMGR_PARTNER_NODES`: Comma separated list of partner nodes in the cluster. No defaults. +- `REPMGR_NODE_NAME`: Node name. No defaults. +- `REPMGR_NODE_NETWORK_NAME`: Node hostname. No defaults. +- `POSTGRESQL_CLUSTER_APP_NAME`: Node `application_name`. In the case you are enabling auto_failback, each node needs a different name. Defaults to `walreceiver`. In a HA PostgreSQL cluster you can have one primary and zero or more standby nodes. The primary node is in read-write mode, while the standby nodes are in read-only mode. For best performance its advisable to limit the reads to the standby nodes. @@ -395,11 +400,11 @@ In order to have your custom files inside the docker image you can mount them as Pgpool supports the encryption of connections using the SSL/TLS protocol. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `PGPOOL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `PGPOOL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `PGPOOL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `PGPOOL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, Pgpool will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.pgpool.net/docs/latest/en/html/runtime-ssl.html)). No defaults. -* `PGPOOL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. +- `PGPOOL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `PGPOOL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `PGPOOL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `PGPOOL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, Pgpool will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.pgpool.net/docs/latest/en/html/runtime-ssl.html)). No defaults. +- `PGPOOL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. When enabling TLS, Pgpool will support both standard and encrypted traffic by default, but prefer the latter. Below there are some examples on how to quickly set up TLS traffic: @@ -594,18 +599,18 @@ docker-compose up pgpool ### 4.3.1-debian-10-r67 -* The ENV `PGPOOL_AUTHENTICATION_METHOD` default value has been changed from `md5` to `scram-sha-256` as our `bitnami/postgresql-repmgr:latest` image now uses PSQL v14, which has `scram-sha-256` as the default auth method. +- The ENV `PGPOOL_AUTHENTICATION_METHOD` default value has been changed from `md5` to `scram-sha-256` as our `bitnami/postgresql-repmgr:latest` image now uses PSQL v14, which has `scram-sha-256` as the default auth method. ### 4.1.1-debian-10-r35 -* The Pgpool container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Pgpool daemon was started as the `pgpool` user. From now on, both the container and the Pgpool daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. -* No backwards compatibility issues are expected. -* Environment variables related to LDAP configuration were renamed removing the `PGPOOL_` prefix. For instance, to indicate the LDAP URI to use, you must set `LDAP_URI` instead of `PGPOOL_LDAP_URI`. +- The Pgpool container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Pgpool daemon was started as the `pgpool` user. From now on, both the container and the Pgpool daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- No backwards compatibility issues are expected. +- Environment variables related to LDAP configuration were renamed removing the `PGPOOL_` prefix. For instance, to indicate the LDAP URI to use, you must set `LDAP_URI` instead of `PGPOOL_LDAP_URI`. ### 4.1.0-centos-7-r8 -* `4.1.0-centos-7-r8` is considered the latest image based on CentOS. -* Standard supported distros: Debian & OEL. +- `4.1.0-centos-7-r8` is considered the latest image based on CentOS. +- Standard supported distros: Debian & OEL. ## Using `docker-compose.yaml` diff --git a/bitnami/php-fpm/8.1/README.md b/bitnami/php-fpm/8.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/php-fpm/8.1/README.md +++ b/bitnami/php-fpm/8.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/php-fpm/8.2/README.md b/bitnami/php-fpm/8.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/php-fpm/8.2/README.md +++ b/bitnami/php-fpm/8.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/php-fpm/8.3/README.md b/bitnami/php-fpm/8.3/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/php-fpm/8.3/README.md +++ b/bitnami/php-fpm/8.3/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/php-fpm/README.md b/bitnami/php-fpm/README.md index 82d1e6617f45..e3008ab8801a 100644 --- a/bitnami/php-fpm/README.md +++ b/bitnami/php-fpm/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name phpfpm -v /path/to/app:/app bitnami/php-fpm ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PHP-FPM in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -46,9 +51,9 @@ The `prod` tags has been removed; from now on just the regular container images The formatting convention for `prod` tags has been changed: -* `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` -* `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` -* `latest-prod` is now deprecated +- `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` +- `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` +- `latest-prod` is now deprecated ## Get this image @@ -187,7 +192,7 @@ docker run -it --name phpfpm bitnami/php-fpm php -a **Further Reading:** -* [PHP Interactive Shell Documentation](http://php.net/manual/en/features.commandline.interactive.php) +- [PHP Interactive Shell Documentation](http://php.net/manual/en/features.commandline.interactive.php) ## Running your PHP script @@ -393,33 +398,33 @@ docker-compose up phpfpm ## Useful Links -* [Create An AMP Development Environment With Bitnami Containers +- [Create An AMP Development Environment With Bitnami Containers ](https://docs.bitnami.com/containers/how-to/create-amp-environment-containers/) -* [Create An EMP Development Environment With Bitnami Containers +- [Create An EMP Development Environment With Bitnami Containers ](https://docs.bitnami.com/containers/how-to/create-emp-environment-containers/) ## Notable Changes ### 7.2.3-r2, 7.1.15-r2, 7.0.28-r2 and 5.6.34-r2 (2018-03-13) -* PHP has been configured at compile time to scan the `/opt/bitnami/php/etc/conf.d/` folder for extra .ini configuration files. +- PHP has been configured at compile time to scan the `/opt/bitnami/php/etc/conf.d/` folder for extra .ini configuration files. ### 7.0.6-r0 (2016-05-17) -* All volumes have been merged at `/bitnami/php-fpm`. Now you only need to mount a single volume at `/bitnami/php-fpm` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/php-fpm`. Now you only need to mount a single volume at `/bitnami/php-fpm` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ### 5.5.30-2 (2015-12-07) -* Enables support for imagick extension +- Enables support for imagick extension ### 5.5.30-0-r01 (2015-11-10) -* `php.ini` is now exposed in the volume mounted at `/bitnami/php-fpm/conf/` allowing users to change the defaults as per their requirements. +- `php.ini` is now exposed in the volume mounted at `/bitnami/php-fpm/conf/` allowing users to change the defaults as per their requirements. ### 5.5.30-0 (2015-10-06) -* `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. +- `/app` directory is no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume are not persisted between Dockerfile `RUN` instructions. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. ## Using `docker-compose.yaml` diff --git a/bitnami/phpmyadmin/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/phpmyadmin/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/phpmyadmin/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/phpmyadmin/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/phpmyadmin/README.md b/bitnami/phpmyadmin/README.md index e1be31cc0de2..60807b2ae8c2 100644 --- a/bitnami/phpmyadmin/README.md +++ b/bitnami/phpmyadmin/README.md @@ -17,14 +17,25 @@ docker run --name phpmyadmin bitnami/phpmyadmin:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use phpMyAdmin in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Looking to use phpMyAdmin in production? Try [VMware Tanzu Application Catalog]( Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami phpMyAdmin Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/phpmyadmin). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -155,18 +160,18 @@ The `bitnami/phpmyadmin:latest` tag always points to the most recent release. To 2. Stop your container - * For docker-compose: `$ docker-compose stop phpmyadmin` - * For manual execution: `$ docker stop phpmyadmin` + - For docker-compose: `$ docker-compose stop phpmyadmin` + - For manual execution: `$ docker stop phpmyadmin` 3. Remove the currently running container - * For docker-compose: `$ docker-compose rm -v phpmyadmin` - * For manual execution: `$ docker rm -v phpmyadmin` + - For docker-compose: `$ docker-compose rm -v phpmyadmin` + - For manual execution: `$ docker rm -v phpmyadmin` 4. Run the new image - * For docker-compose: `$ docker-compose up phpmyadmin` - * For manual execution: `docker run --name phpmyadmin bitnami/phpmyadmin:latest` + - For docker-compose: `$ docker-compose up phpmyadmin` + - For manual execution: `docker run --name phpmyadmin bitnami/phpmyadmin:latest` ## Configuration @@ -257,10 +262,10 @@ The Bitnami phpMyAdmin Docker image is designed to be extended so it can be used Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -272,10 +277,10 @@ FROM bitnami/phpmyadmin Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache -* Modify the default container user +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache +- Modify the default container user ```Dockerfile FROM bitnami/phpmyadmin @@ -331,16 +336,16 @@ volumes: ### 5.0.2-debian-10-r73 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. -* The `PHPMYADMIN_ALLOW_NO_PASSWORD` environment variable has been deprecated in favor of `DATABASE_ALLOW_NO_PASSWORD`. -* New environment variables have been added to support configuring extra PHP options: `PHP_UPLOAD_MAX_FILESIZE` for `upload_max_filesize`, and `PHP_POST_MAX_SIZE` for `post_max_size`. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- The `PHPMYADMIN_ALLOW_NO_PASSWORD` environment variable has been deprecated in favor of `DATABASE_ALLOW_NO_PASSWORD`. +- New environment variables have been added to support configuring extra PHP options: `PHP_UPLOAD_MAX_FILESIZE` for `upload_max_filesize`, and `PHP_POST_MAX_SIZE` for `post_max_size`. ### 4.8.5-debian-9-r96 and 4.8.5-ol-7-r111 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ## Contributing diff --git a/bitnami/pinniped-cli/README.md b/bitnami/pinniped-cli/README.md index 5ba133e5dcca..ebbdda0499dd 100644 --- a/bitnami/pinniped-cli/README.md +++ b/bitnami/pinniped-cli/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pinniped-cli bitnami/pinniped-cli ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Pinniped CLI in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Pinniped CLI documentation](https://pinniped.dev/docs/) for ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/pinniped/README.md b/bitnami/pinniped/README.md index 3b1c005acb31..4694a50fe790 100644 --- a/bitnami/pinniped/README.md +++ b/bitnami/pinniped/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name pinniped bitnami/pinniped:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Pinniped in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official Pinniped documentation](https://pinniped.dev//docs) for more ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/plugin-barman-cloud-sidecar/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/plugin-barman-cloud-sidecar/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/plugin-barman-cloud-sidecar/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/plugin-barman-cloud-sidecar/0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/plugin-barman-cloud-sidecar/README.md b/bitnami/plugin-barman-cloud-sidecar/README.md index de46e2c7233b..ba61eb9102f5 100644 --- a/bitnami/plugin-barman-cloud-sidecar/README.md +++ b/bitnami/plugin-barman-cloud-sidecar/README.md @@ -12,23 +12,28 @@ docker run --name plugin-barman-cloud-sidecar bitnami/plugin-barman-cloud-sidecar:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Barman Cloud Plugin Sidecar for CloudNativePG in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/plugin-barman-cloud/README.md b/bitnami/plugin-barman-cloud/README.md index 76e688d32c8d..160073fd4c74 100644 --- a/bitnami/plugin-barman-cloud/README.md +++ b/bitnami/plugin-barman-cloud/README.md @@ -12,23 +12,28 @@ docker run --name plugin-barman-cloud bitnami/plugin-barman-cloud:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Barman Cloud Plugin for CloudNativePG in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/postgres-exporter/README.md b/bitnami/postgres-exporter/README.md index a82f5fd95426..7a40dc251285 100644 --- a/bitnami/postgres-exporter/README.md +++ b/bitnami/postgres-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name postgres-exporter bitnami/postgres-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PostgreSQL Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use PostgreSQL Exporter in production? Try [VMware Tanzu Application Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name postgres-exporter bitnami/postgres-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/postgresql-repmgr/13/README.md b/bitnami/postgresql-repmgr/13/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql-repmgr/13/README.md +++ b/bitnami/postgresql-repmgr/13/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql-repmgr/14/README.md b/bitnami/postgresql-repmgr/14/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql-repmgr/14/README.md +++ b/bitnami/postgresql-repmgr/14/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql-repmgr/15/README.md b/bitnami/postgresql-repmgr/15/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql-repmgr/15/README.md +++ b/bitnami/postgresql-repmgr/15/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql-repmgr/16/README.md b/bitnami/postgresql-repmgr/16/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql-repmgr/16/README.md +++ b/bitnami/postgresql-repmgr/16/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql-repmgr/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/postgresql-repmgr/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/postgresql-repmgr/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/postgresql-repmgr/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/postgresql-repmgr/README.md b/bitnami/postgresql-repmgr/README.md index 5796af519068..a1a10878b947 100644 --- a/bitnami/postgresql-repmgr/README.md +++ b/bitnami/postgresql-repmgr/README.md @@ -15,14 +15,25 @@ docker run --name postgresql-repmgr bitnami/postgresql-repmgr:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PostgreSQL HA in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami PostgreSQL HA Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -238,19 +243,19 @@ When `POSTGRESQL_USERNAME` is specified, the `postgres` user is not assigned a p A HA PostgreSQL cluster with [Streaming replication](https://www.postgresql.org/docs/10/warm-standby.html#STREAMING-REPLICATION) and [repmgr](https://repmgr.org) can easily be setup with the Bitnami PostgreSQL HA Docker Image using the following environment variables: -* `POSTGRESQL_PASSWORD`: Password for `postgres` user. No defaults. -* `POSTGRESQL_PASSWORD_FILE`: Path to a file that contains the `postgres` user password. This will override the value specified in `POSTGRESQL_PASSWORD`. No defaults. -* `REPMGR_USERNAME`: Username for `repmgr` user. Defaults to `repmgr`. -* `REPMGR_PASSWORD_FILE`: Path to a file that contains the `repmgr` user password. This will override the value specified in `REPMGR_PASSWORD`. No defaults. -* `REPMGR_PASSWORD`: Password for `repmgr` user. No defaults. -* `REPMGR_USE_PASSFILE`: Configure repmgr to use `passfile` and `PGPASSFILE` instead of plain-text password in its configuration. -* `REPMGR_PASSFILE_PATH`: Location of the passfile, if it doesn't exist it will be created using REPMGR credentials. -* `REPMGR_PRIMARY_HOST`: Hostname of the initial primary node. No defaults. -* `REPMGR_PARTNER_NODES`: Comma separated list of partner nodes in the cluster. No defaults. -* `REPMGR_NODE_NAME`: Node name. No defaults. -* `REPMGR_NODE_TYPE`: Node type. Defaults to `data`. Allowed values: `data` for data nodes (master or replicas), `witness` for witness nodes. -* `REPMGR_NODE_NETWORK_NAME`: Node hostname. No defaults. -* `REPMGR_PGHBA_TRUST_ALL`: This will set the auth-method in the generated pg_hba.conf. Set it to `yes` only if you are using pgpool with LDAP authentication. Default to `no`. +- `POSTGRESQL_PASSWORD`: Password for `postgres` user. No defaults. +- `POSTGRESQL_PASSWORD_FILE`: Path to a file that contains the `postgres` user password. This will override the value specified in `POSTGRESQL_PASSWORD`. No defaults. +- `REPMGR_USERNAME`: Username for `repmgr` user. Defaults to `repmgr`. +- `REPMGR_PASSWORD_FILE`: Path to a file that contains the `repmgr` user password. This will override the value specified in `REPMGR_PASSWORD`. No defaults. +- `REPMGR_PASSWORD`: Password for `repmgr` user. No defaults. +- `REPMGR_USE_PASSFILE`: Configure repmgr to use `passfile` and `PGPASSFILE` instead of plain-text password in its configuration. +- `REPMGR_PASSFILE_PATH`: Location of the passfile, if it doesn't exist it will be created using REPMGR credentials. +- `REPMGR_PRIMARY_HOST`: Hostname of the initial primary node. No defaults. +- `REPMGR_PARTNER_NODES`: Comma separated list of partner nodes in the cluster. No defaults. +- `REPMGR_NODE_NAME`: Node name. No defaults. +- `REPMGR_NODE_TYPE`: Node type. Defaults to `data`. Allowed values: `data` for data nodes (master or replicas), `witness` for witness nodes. +- `REPMGR_NODE_NETWORK_NAME`: Node hostname. No defaults. +- `REPMGR_PGHBA_TRUST_ALL`: This will set the auth-method in the generated pg_hba.conf. Set it to `yes` only if you are using pgpool with LDAP authentication. Default to `no`. In a HA PostgreSQL cluster you can have one primary and zero or more standby nodes. The primary node is in read-write mode, while the standby nodes are in read-only mode. For best performance its advisable to limit the reads to the standby nodes. @@ -310,12 +315,12 @@ docker-compose up -d PostgreSQL supports the encryption of connections using the SSL/TLS protocol. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `POSTGRESQL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `POSTGRESQL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `POSTGRESQL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `POSTGRESQL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.postgresql.org/docs/9.6/auth-methods.html)). No defaults. -* `POSTGRESQL_TLS_CRL_FILE`: File containing a Certificate Revocation List. No defaults. -* `POSTGRESQL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. +- `POSTGRESQL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `POSTGRESQL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `POSTGRESQL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `POSTGRESQL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.postgresql.org/docs/9.6/auth-methods.html)). No defaults. +- `POSTGRESQL_TLS_CRL_FILE`: File containing a Certificate Revocation List. No defaults. +- `POSTGRESQL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. When enabling TLS, PostgreSQL will support both standard and encrypted traffic by default, but prefer the latter. Below there are some examples on how to quickly set up TLS traffic: @@ -795,12 +800,12 @@ docker-compose up pg-1 ### 9.6.16-centos-7-r71, 10.11.0-centos-7-r71, 11.6.0-centos-7-r67, and 12.1.0-centos-7-r67 -* `9.6.16-centos-7-r71`, `10.11.0-centos-7-r71`, `11.6.0-centos-7-r67`, and `12.1.0-centos-7-r67` are considered the latest images based on CentOS. -* Standard supported distros: Debian & OEL. +- `9.6.16-centos-7-r71`, `10.11.0-centos-7-r71`, `11.6.0-centos-7-r67`, and `12.1.0-centos-7-r67` are considered the latest images based on CentOS. +- Standard supported distros: Debian & OEL. ### 9.6.15-r18, 9.6.15-ol-7-r23, 9.6.15-centos-7-r23, 10.10.0-r18, 10.10.0-ol-7-r23, 10.10.0-centos-7-r23, 11.5.0-r19, 11.5.0-centos-7-r23, 11.5.0-ol-7-r23 -* Adds Postgis extension to postgresql, version 2.3.x to Postgresiql 9.6 and version 2.5 to 10, 11 and 12. +- Adds Postgis extension to postgresql, version 2.3.x to Postgresiql 9.6 and version 2.5 to 10, 11 and 12. ## Using `docker-compose.yaml` diff --git a/bitnami/postgresql/13/README.md b/bitnami/postgresql/13/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql/13/README.md +++ b/bitnami/postgresql/13/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql/14/README.md b/bitnami/postgresql/14/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql/14/README.md +++ b/bitnami/postgresql/14/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql/15/README.md b/bitnami/postgresql/15/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql/15/README.md +++ b/bitnami/postgresql/15/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql/16/README.md b/bitnami/postgresql/16/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/postgresql/16/README.md +++ b/bitnami/postgresql/16/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/postgresql/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/postgresql/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/postgresql/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/postgresql/17/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/postgresql/README.md b/bitnami/postgresql/README.md index 1e4d64ef7c7e..959136f4abbb 100644 --- a/bitnami/postgresql/README.md +++ b/bitnami/postgresql/README.md @@ -15,14 +15,25 @@ docker run --name postgresql bitnami/postgresql:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PostgreSQL in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -294,7 +299,7 @@ In order to have your custom files inside the docker image you can mount them as Passing extra command-line flags to the postgresql service command is possible through the following env var: -* `POSTGRESQL_EXTRA_FLAGS`: Flags to be appended to the `postgres` startup command. No defaults +- `POSTGRESQL_EXTRA_FLAGS`: Flags to be appended to the `postgres` startup command. No defaults ### Initializing a new instance @@ -373,38 +378,38 @@ When `POSTGRESQL_USERNAME` is specified, the `postgres` user is not assigned a p The Bitnami PostgreSQL Image comes with the pgAudit module enabled by default. Thanks to this, audit information can be enabled in the container with these environment variables: -* `POSTGRESQL_PGAUDIT_LOG`: Comma-separated list with different operations to audit. Find in the [official pgAudit documentation](https://github.com/pgaudit/pgaudit#configuration) the list of possible values. No defaults. -* `POSTGRESQL_PGAUDIT_LOG_CATALOG`: Session logging enabled in the case where all relations in a statement are in pg_catalog. No defaults. -* `POSTGRESQL_LOG_CONNECTIONS`: Add log entry for logins. No defaults. -* `POSTGRESQL_LOG_DISCONNECTIONS`: Add log entry for logouts. No defaults. -* `POSTGRESQL_LOG_HOSTNAME`: Log the client hostname. No defaults. -* `POSTGRESQL_LOG_LINE_PREFIX`: Define the format of the log entry lines. Find in the [official PostgreSQL documentation](https://www.postgresql.org/docs/current/runtime-config-logging.html) the string parameters. No defaults. -* `POSTGRESQL_LOG_TIMEZONE`: Set the timezone for the log entry timestamp. No defaults. +- `POSTGRESQL_PGAUDIT_LOG`: Comma-separated list with different operations to audit. Find in the [official pgAudit documentation](https://github.com/pgaudit/pgaudit#configuration) the list of possible values. No defaults. +- `POSTGRESQL_PGAUDIT_LOG_CATALOG`: Session logging enabled in the case where all relations in a statement are in pg_catalog. No defaults. +- `POSTGRESQL_LOG_CONNECTIONS`: Add log entry for logins. No defaults. +- `POSTGRESQL_LOG_DISCONNECTIONS`: Add log entry for logouts. No defaults. +- `POSTGRESQL_LOG_HOSTNAME`: Log the client hostname. No defaults. +- `POSTGRESQL_LOG_LINE_PREFIX`: Define the format of the log entry lines. Find in the [official PostgreSQL documentation](https://www.postgresql.org/docs/current/runtime-config-logging.html) the string parameters. No defaults. +- `POSTGRESQL_LOG_TIMEZONE`: Set the timezone for the log entry timestamp. No defaults. ### Session settings The Bitnami PostgreSQL Image allows configuring several parameters for the connection and session management: -* `POSTGRESQL_USERNAME_CONNECTION_LIMIT`: If a user different from `postgres` is created, set the connection limit. No defaults. -* `POSTGRESQL_POSTGRES_CONNECTION_LIMIT`: Set the connection limit for the `postgres` user. No defaults. -* `POSTGRESQL_STATEMENT_TIMEOUT`: Set the statement timeout. No defaults. -* `POSTGRESQL_TCP_KEEPALIVES_INTERVAL`: TCP keepalive interval. No defaults. -* `POSTGRESQL_TCP_KEEPALIVES_IDLE`: TCP keepalive idle time. No defaults. -* `POSTGRESQL_TCP_KEEPALIVES_COUNT`: TCP keepalive count. No defaults. +- `POSTGRESQL_USERNAME_CONNECTION_LIMIT`: If a user different from `postgres` is created, set the connection limit. No defaults. +- `POSTGRESQL_POSTGRES_CONNECTION_LIMIT`: Set the connection limit for the `postgres` user. No defaults. +- `POSTGRESQL_STATEMENT_TIMEOUT`: Set the statement timeout. No defaults. +- `POSTGRESQL_TCP_KEEPALIVES_INTERVAL`: TCP keepalive interval. No defaults. +- `POSTGRESQL_TCP_KEEPALIVES_IDLE`: TCP keepalive idle time. No defaults. +- `POSTGRESQL_TCP_KEEPALIVES_COUNT`: TCP keepalive count. No defaults. ### Configuring time zone The Bitnami PostgreSQL Image allows configuring the time zone for PostgreSQL with the following environment variables: -* `POSTGRESQL_TIMEZONE`: Sets the time zone for displaying and interpreting time stamps. -* `POSTGRESQL_LOG_TIMEZONE`: Sets the time zone used for timestamps written in the server log. +- `POSTGRESQL_TIMEZONE`: Sets the time zone for displaying and interpreting time stamps. +- `POSTGRESQL_LOG_TIMEZONE`: Sets the time zone used for timestamps written in the server log. ### Modify pg_hba.conf By default, the Bitnami PostgreSQL Image generates `local` and `md5` entries in the pg_hba.conf file. In order to adapt to any other requirements or standards, it is possible to change the pg_hba.conf file by: -* Mounting your own pg_hba.conf file in `/bitnami/postgresql/conf` -* Using the `POSTGRESQL_PGHBA_REMOVE_FILTERS` with a comma-separated list of patterns. All lines that match any of the patterns will be removed. For example, if we want to remove all `local` and `md5` authentication (in favour of hostssl only connections, for example), set `POSTGRESQL_PGHBA_REMOVE_FILTERS=local, md5`. +- Mounting your own pg_hba.conf file in `/bitnami/postgresql/conf` +- Using the `POSTGRESQL_PGHBA_REMOVE_FILTERS` with a comma-separated list of patterns. All lines that match any of the patterns will be removed. For example, if we want to remove all `local` and `md5` authentication (in favour of hostssl only connections, for example), set `POSTGRESQL_PGHBA_REMOVE_FILTERS=local, md5`. ### Preloading shared libraries @@ -414,12 +419,12 @@ It is possible to modify the list of libraries that PostgreSQL will preload at b A [Streaming replication](https://www.postgresql.org/docs/9.4/static/warm-standby.html#STREAMING-REPLICATION) cluster can easily be setup with the Bitnami PostgreSQL Docker Image using the following environment variables: -* `POSTGRESQL_REPLICATION_MODE`: Replication mode. Possible values `master`/`slave`. No defaults. -* `POSTGRESQL_REPLICATION_USER`: The replication user created on the master on first run. No defaults. -* `POSTGRESQL_REPLICATION_PASSWORD`: The replication users password. No defaults. -* `POSTGRESQL_REPLICATION_PASSWORD_FILE`: Path to a file that contains the replication users password. This will override the value specified in `POSTGRESQL_REPLICATION_PASSWORD`. No defaults. -* `POSTGRESQL_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. -* `POSTGRESQL_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `5432`. +- `POSTGRESQL_REPLICATION_MODE`: Replication mode. Possible values `master`/`slave`. No defaults. +- `POSTGRESQL_REPLICATION_USER`: The replication user created on the master on first run. No defaults. +- `POSTGRESQL_REPLICATION_PASSWORD`: The replication users password. No defaults. +- `POSTGRESQL_REPLICATION_PASSWORD_FILE`: Path to a file that contains the replication users password. This will override the value specified in `POSTGRESQL_REPLICATION_PASSWORD`. No defaults. +- `POSTGRESQL_MASTER_HOST`: Hostname/IP of replication master (slave parameter). No defaults. +- `POSTGRESQL_MASTER_PORT_NUMBER`: Server port of the replication master (slave parameter). Defaults to `5432`. In a replication cluster you can have one master and zero or more slaves. When replication is enabled the master node is in read-write mode, while the slaves are in read-only mode. For best performance its advisable to limit the reads to the slaves. @@ -520,8 +525,8 @@ The above command scales up the number of slaves to `3`. You can scale down in t By default, the slave instances are configured with asynchronous replication. In order to guarantee more data stability (at the cost of some performance), it is possible to set synchronous commits (i.e. a transaction commit will not return success to the client until it has been written in a set of replicas) using the following environment variables. -* `POSTGRESQL_SYNCHRONOUS_COMMIT_MODE`: Establishes the type of synchronous commit. The available options are: `on`, `remote_apply`, `remote_write`, `local` and `off`. The default value is `on`. For more information, check the [official PostgreSQL documentation](https://www.postgresql.org/docs/9.6/runtime-config-wal.html#GUC-SYNCHRONOUS-COMMIT). -* `POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS`: Establishes the number of replicas that will enable synchronous replication. This number must not be above the number of slaves that you configure in the cluster. +- `POSTGRESQL_SYNCHRONOUS_COMMIT_MODE`: Establishes the type of synchronous commit. The available options are: `on`, `remote_apply`, `remote_write`, `local` and `off`. The default value is `on`. For more information, check the [official PostgreSQL documentation](https://www.postgresql.org/docs/9.6/runtime-config-wal.html#GUC-SYNCHRONOUS-COMMIT). +- `POSTGRESQL_NUM_SYNCHRONOUS_REPLICAS`: Establishes the number of replicas that will enable synchronous replication. This number must not be above the number of slaves that you configure in the cluster. With Docker Compose the master-slave replication with synchronous commits can be setup as follows: @@ -592,23 +597,23 @@ In order to use LDAP authentication you need to enable it setting the environmen There are two ways of setting up the LDAP configuration: -* By configuring `POSTGRESQL_LDAP_URL`, where you can configure all the associated parameters in the URL. -* Setting up the parameters `POSTGRESQL_LDAP_xxxx` independently. +- By configuring `POSTGRESQL_LDAP_URL`, where you can configure all the associated parameters in the URL. +- Setting up the parameters `POSTGRESQL_LDAP_xxxx` independently. The LDAP related parameters are: -* `POSTGRESQL_LDAP_SERVER`: IP addresses or names of the LDAP servers to connect to. Separated by spaces. -* `POSTGRESQL_LDAP_PORT`: Port number on the LDAP server to connect to -* `POSTGRESQL_LDAP_SCHEME`: Set to `ldaps` to use LDAPS. Default to none. -* `POSTGRESQL_LDAP_TLS`: Set to `1` to use TLS encryption. Default to none. -* `POSTGRESQL_LDAP_PREFIX`: String to prepend to the user name when forming the DN to bind. Default to none. -* `POSTGRESQL_LDAP_SUFFIX`: String to append to the user name when forming the DN to bind. Default to none. -* `POSTGRESQL_LDAP_BASE_DN`: Root DN to begin the search for the user in. Default to none. -* `POSTGRESQL_LDAP_BIND_DN`: DN of user to bind to LDAP. Default to none. -* `POSTGRESQL_LDAP_BIND_PASSWORD`: Password for the user to bind to LDAP. Default to none. -* `POSTGRESQL_LDAP_SEARCH_ATTR`: Attribute to match against the user name in the search. Default to none. -* `POSTGRESQL_LDAP_SEARCH_FILTER`: The search filter to use when doing search+bind authentication. Default to none. -* `POSTGRESQL_LDAP_URL`: URL to connect to, in the format: `ldap[s]://host[:port]/basedn[?[attribute][?[scope][?[filter]]]]` . +- `POSTGRESQL_LDAP_SERVER`: IP addresses or names of the LDAP servers to connect to. Separated by spaces. +- `POSTGRESQL_LDAP_PORT`: Port number on the LDAP server to connect to +- `POSTGRESQL_LDAP_SCHEME`: Set to `ldaps` to use LDAPS. Default to none. +- `POSTGRESQL_LDAP_TLS`: Set to `1` to use TLS encryption. Default to none. +- `POSTGRESQL_LDAP_PREFIX`: String to prepend to the user name when forming the DN to bind. Default to none. +- `POSTGRESQL_LDAP_SUFFIX`: String to append to the user name when forming the DN to bind. Default to none. +- `POSTGRESQL_LDAP_BASE_DN`: Root DN to begin the search for the user in. Default to none. +- `POSTGRESQL_LDAP_BIND_DN`: DN of user to bind to LDAP. Default to none. +- `POSTGRESQL_LDAP_BIND_PASSWORD`: Password for the user to bind to LDAP. Default to none. +- `POSTGRESQL_LDAP_SEARCH_ATTR`: Attribute to match against the user name in the search. Default to none. +- `POSTGRESQL_LDAP_SEARCH_FILTER`: The search filter to use when doing search+bind authentication. Default to none. +- `POSTGRESQL_LDAP_URL`: URL to connect to, in the format: `ldap[s]://host[:port]/basedn[?[attribute][?[scope][?[filter]]]]` . For more information refer to [Postgresql LDAP auth configuration documentation](https://www.postgresql.org/docs/12/auth-ldap.html). @@ -616,12 +621,12 @@ For more information refer to [Postgresql LDAP auth configuration documentation] PostgreSQL supports the encryption of connections using the SSL/TLS protocol. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `POSTGRESQL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `POSTGRESQL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `POSTGRESQL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `POSTGRESQL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.postgresql.org/docs/9.6/auth-methods.html)). No defaults. -* `POSTGRESQL_TLS_CRL_FILE`: File containing a Certificate Revocation List. No defaults. -* `POSTGRESQL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. +- `POSTGRESQL_ENABLE_TLS`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `POSTGRESQL_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `POSTGRESQL_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `POSTGRESQL_TLS_CA_FILE`: File containing the CA of the certificate. If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate (see [ref](https://www.postgresql.org/docs/9.6/auth-methods.html)). No defaults. +- `POSTGRESQL_TLS_CRL_FILE`: File containing a Certificate Revocation List. No defaults. +- `POSTGRESQL_TLS_PREFER_SERVER_CIPHERS`: Whether to use the server's TLS cipher preferences rather than the client's. Defaults to `yes`. When enabling TLS, PostgreSQL will support both standard and encrypted traffic by default, but prefer the latter. Below there are some examples on how to quickly set up TLS traffic: @@ -760,8 +765,8 @@ If you are using your custom `postgresql.conf`, you should create (or uncomment) Specifying extra initdb arguments can easily be done using the following environment variables: -* `POSTGRESQL_INITDB_ARGS`: Specifies extra arguments for the initdb command. No defaults. -* `POSTGRESQL_INITDB_WAL_DIR`: Defines a custom location for the transaction log. No defaults. +- `POSTGRESQL_INITDB_ARGS`: Specifies extra arguments for the initdb command. No defaults. +- `POSTGRESQL_INITDB_WAL_DIR`: Defines a custom location for the transaction log. No defaults. ```console docker run --name postgresql \ @@ -786,15 +791,15 @@ services: You can control the parameters used to stop postgresql in the initialization process by using: -* `POSTGRESQL_PGCTLTIMEOUT` that will set the timeout for the `pg_ctl` command. -* `POSTGRESQL_SHUTDOWN_MODE` that will indicate the [shutdown mode](https://www.postgresql.org/docs/11/app-pg-ctl.html) used. +- `POSTGRESQL_PGCTLTIMEOUT` that will set the timeout for the `pg_ctl` command. +- `POSTGRESQL_SHUTDOWN_MODE` that will indicate the [shutdown mode](https://www.postgresql.org/docs/11/app-pg-ctl.html) used. ### Installing extra locales The Dockerfile provides two arguments to configure extra locales at build time: -* `WITH_ALL_LOCALES`: Enable all supported locales. Default: no -* `EXTRA_LOCALES`: Comma separated list of extra locales to enable. No defaults +- `WITH_ALL_LOCALES`: Enable all supported locales. Default: no +- `EXTRA_LOCALES`: Comma separated list of extra locales to enable. No defaults For example, to build an image with support for the `es_ES.UTF-8 UTF-8` locale, you can add the following argument to your build command: @@ -926,46 +931,46 @@ docker-compose up postgresql ### 9.6.16-centos-7-r71, 10.11.0-centos-7-r72, 11.6.0-centos-7-r71, and 12.1.0-centos-7-r72 -* `9.6.16-centos-7-r71`, `10.11.0-centos-7-r72`, `11.6.0-centos-7-r71`, and `12.1.0-centos-7-r72` are considered the latest images based on CentOS. -* Standard supported distros: Debian & OEL. +- `9.6.16-centos-7-r71`, `10.11.0-centos-7-r72`, `11.6.0-centos-7-r71`, and `12.1.0-centos-7-r72` are considered the latest images based on CentOS. +- Standard supported distros: Debian & OEL. ### 9.6.15-r93, 9.6.15-ol-7-r108, 9.6.15-centos-7-r107, 10.10.0-r923, 10.10.0-ol-7-r106, 10.10.0-centos-7-r107, 11.5.0-r89, 11.5.0-centos-7-r103, 11.5.0-ol-7-r108, 12.0.0-r21, 12.0.0-centos-7-r34 and 12.0.0-ol-7-r32 -* Adds LDAP authentication support +- Adds LDAP authentication support ### 9.6.15-r82, 9.6.15-ol-7-r92, 9.6.15-centos-7-r91, 10.10.0-r82, 10.10.0-ol-7-r90, 10.10.0-centos-7-r91, 11.5.0-r80, 11.5.0-centos-7-r87, 11.5.0-ol-7-r92, 12.0.0-r11, 12.0.0-centos-7-r17 and 12.0.0-ol-7-r17 -* Adds Postgis extension to postgresql, version 2.3.x to Postgresiql 9.6 and version 2.5 to 10, 11 and 12. +- Adds Postgis extension to postgresql, version 2.3.x to Postgresiql 9.6 and version 2.5 to 10, 11 and 12. ### 9.6.12-r70, 9.6.12-ol-7-r72, 10.7.0-r69, 10.7.0-ol-7-r71, 11.2.0-r69 and 11.2.0-ol-7-r71 -* Decrease the size of the container. It is not necessary Node.js anymore. PostgreSQL configuration moved to bash scripts in the rootfs/ folder. -* This container is backwards compatible with the previous versions, as the mount folders remain unchanged. -* The `POSTGRESQL_PASSWORD` variable must be passed to the slaves so they generate the proper `pg_hba.conf` admission rules. +- Decrease the size of the container. It is not necessary Node.js anymore. PostgreSQL configuration moved to bash scripts in the rootfs/ folder. +- This container is backwards compatible with the previous versions, as the mount folders remain unchanged. +- The `POSTGRESQL_PASSWORD` variable must be passed to the slaves so they generate the proper `pg_hba.conf` admission rules. ### 9.6.11-r66, 9.6.11-ol-7-r83, 10.6.0-r68, 10.6.0-ol-7-r83, 11.1.0-r62 and 11.1.0-ol-7-r79 -* The PostgreSQL container can be configured using two sets of environment variables. For more information, check [Environment variables aliases](#environment-variables-aliases) +- The PostgreSQL container can be configured using two sets of environment variables. For more information, check [Environment variables aliases](#environment-variables-aliases) ### 9.6.11-r38, 10.6.0-r39 and 11.1.0-r34 -* The PostgreSQL container now contains options to easily configure synchronous commits between slaves. This provides more data stability, but must be configured with caution as it also has a cost in performance. For more information, check [Synchronous Commits](#synchronous-commits). +- The PostgreSQL container now contains options to easily configure synchronous commits between slaves. This provides more data stability, but must be configured with caution as it also has a cost in performance. For more information, check [Synchronous Commits](#synchronous-commits). ### 9.6.9-r19 and 10.4.0-r19 -* The PostgreSQL container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the PostgreSQL daemon was started as the `postgres` user. From now on, both the container and the PostgreSQL daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The PostgreSQL container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the PostgreSQL daemon was started as the `postgres` user. From now on, both the container and the PostgreSQL daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 9.5.3-r5 -* The `POSTGRES_` prefix on environment variables is now replaced by `POSTGRESQL_` -* `POSTGRES_USER` parameter has been renamed to `POSTGRESQL_USERNAME`. -* `POSTGRES_DB` parameter has been renamed to `POSTGRESQL_DATABASE`. -* `POSTGRES_MODE` parameter has been renamed to `POSTGRESQL_REPLICATION_MODE`. +- The `POSTGRES_` prefix on environment variables is now replaced by `POSTGRESQL_` +- `POSTGRES_USER` parameter has been renamed to `POSTGRESQL_USERNAME`. +- `POSTGRES_DB` parameter has been renamed to `POSTGRESQL_DATABASE`. +- `POSTGRES_MODE` parameter has been renamed to `POSTGRESQL_REPLICATION_MODE`. ### 9.5.3-r0 -* All volumes have been merged at `/bitnami/postgresql`. Now you only need to mount a single volume at `/bitnami/postgresql` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/postgresql`. Now you only need to mount a single volume at `/bitnami/postgresql` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/postgrest/README.md b/bitnami/postgrest/README.md index c96f228cd20c..572642e35329 100644 --- a/bitnami/postgrest/README.md +++ b/bitnami/postgrest/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name postgrest bitnami/postgrest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PostgREST in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -132,7 +137,7 @@ Check the [official PostgREST documentation](https://postgrest.org/en/stable//co ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/prometheus-operator/README.md b/bitnami/prometheus-operator/README.md index cd77f1d2bd29..b74784cf2e97 100644 --- a/bitnami/prometheus-operator/README.md +++ b/bitnami/prometheus-operator/README.md @@ -11,14 +11,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [Prometheus Operator](https://github.com/coreos/prometheus-operator/tree/master/Documentation) on your Kubernetes cluster. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Prometheus Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Kube-Prometheus Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/kube-prometheus). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -70,7 +75,7 @@ docker build -t bitnami/APP:latest . ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Configuration diff --git a/bitnami/prometheus-rsocket-proxy/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/prometheus-rsocket-proxy/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/prometheus-rsocket-proxy/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/prometheus-rsocket-proxy/1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/prometheus-rsocket-proxy/README.md b/bitnami/prometheus-rsocket-proxy/README.md index 31d65e6afbc1..392a982a8a34 100644 --- a/bitnami/prometheus-rsocket-proxy/README.md +++ b/bitnami/prometheus-rsocket-proxy/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name prometheus-rsocket-proxy bitnami/prometheus-rsocket-proxy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Prometheus RSocket Proxy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Prometheus RSocket Proxy in production? Try [VMware Tanzu Applica Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -72,7 +77,7 @@ For further documentation, please check [here](https://github.com/micrometer-met ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/prometheus/2.53/README.md b/bitnami/prometheus/2.53/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/prometheus/2.53/README.md +++ b/bitnami/prometheus/2.53/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/prometheus/README.md b/bitnami/prometheus/README.md index 5bb545fe51b1..5be4eda51b4c 100644 --- a/bitnami/prometheus/README.md +++ b/bitnami/prometheus/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name prometheus bitnami/prometheus:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Prometheus in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Prometheus in production? Try [VMware Tanzu Application Catalog]( Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -184,7 +189,7 @@ docker run --name prometheus bitnami/prometheus:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/pushgateway/README.md b/bitnami/pushgateway/README.md index 4111f4f2d043..a109d5b3fa10 100644 --- a/bitnami/pushgateway/README.md +++ b/bitnami/pushgateway/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name pushgateway bitnami/pushgateway:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Push Gateway in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Push Gateway in production? Try [VMware Tanzu Application Catalog Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -152,7 +157,7 @@ docker run --name pushgateway bitnami/pushgateway:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/pymilvus/README.md b/bitnami/pymilvus/README.md index afa96e9df7ee..58c2eff0a011 100644 --- a/bitnami/pymilvus/README.md +++ b/bitnami/pymilvus/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pymilvus bitnami/pymilvus ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PyMilvus in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use PyMilvus in production? Try [VMware Tanzu Application Catalog](ht Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker run -it --name pymilvus -v /path/to/app:/app bitnami/pymilvus \ **Further Reading:** -* [pymilvus documentation](https://github.com/milvus-io/pymilvusdocs/) +- [pymilvus documentation](https://github.com/milvus-io/pymilvusdocs/) ## Maintenance @@ -126,7 +131,7 @@ docker run --name pymilvus bitnami/pymilvus:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/python/3.10/README.md b/bitnami/python/3.10/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/python/3.10/README.md +++ b/bitnami/python/3.10/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/python/3.11/README.md b/bitnami/python/3.11/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/python/3.11/README.md +++ b/bitnami/python/3.11/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/python/3.12/README.md b/bitnami/python/3.12/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/python/3.12/README.md +++ b/bitnami/python/3.12/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/python/3.9/README.md b/bitnami/python/3.9/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/python/3.9/README.md +++ b/bitnami/python/3.9/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/python/README.md b/bitnami/python/README.md index ef4150c5cc52..49a235e02e98 100644 --- a/bitnami/python/README.md +++ b/bitnami/python/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name python bitnami/python ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Python in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -46,9 +51,9 @@ The `prod` tags has been removed; from now on just the regular container images The formatting convention for `prod` tags has been changed: -* `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` -* `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` -* `latest-prod` is now deprecated +- `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` +- `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` +- `latest-prod` is now deprecated ## Get this image @@ -112,8 +117,8 @@ python: **Further Reading:** -* [python documentation](https://www.python.org/doc/) -* [pip documentation](https://pip.pypa.io/en/stable/) +- [python documentation](https://www.python.org/doc/) +- [pip documentation](https://pip.pypa.io/en/stable/) ## Maintenance diff --git a/bitnami/pytorch/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/pytorch/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/pytorch/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/pytorch/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/pytorch/README.md b/bitnami/pytorch/README.md index 78a4d81e6bc7..fff8bb9af6b4 100644 --- a/bitnami/pytorch/README.md +++ b/bitnami/pytorch/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pytorch bitnami/pytorch ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use PyTorch in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use PyTorch in production? Try [VMware Tanzu Application Catalog](htt Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,8 +99,8 @@ docker run -it --name pytorch -v /path/to/app:/app bitnami/pytorch \ **Further Reading:** -* [pytorch documentation](https://pytorch.org/docs/stable/index.html) -* [conda documentation](https://docs.conda.io/en/latest/) +- [pytorch documentation](https://pytorch.org/docs/stable/index.html) +- [conda documentation](https://docs.conda.io/en/latest/) ## Maintenance diff --git a/bitnami/rabbitmq-cluster-operator/README.md b/bitnami/rabbitmq-cluster-operator/README.md index 70478b5b2ca8..34cb1d78df00 100644 --- a/bitnami/rabbitmq-cluster-operator/README.md +++ b/bitnami/rabbitmq-cluster-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rabbitmq-cluster-operator bitnami/rabbitmq-cluster-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use RabbitMQ Cluster Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official RabbitMQ Cluster Operator documentation](https://github.com/ ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/rabbitmq/4.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/rabbitmq/4.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/rabbitmq/4.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/rabbitmq/4.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index b8131b833ec3..6189cc7e0a28 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -15,14 +15,25 @@ docker run --name rabbitmq bitnami/rabbitmq:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use RabbitMQ in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -233,7 +238,7 @@ docker-compose up -d When you start the rabbitmq image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/rabbitmq/docker-compose.yml) file present in this repository: : +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/rabbitmq/docker-compose.yml) file present in this repository: : ```yaml rabbitmq: @@ -243,7 +248,7 @@ rabbitmq: ... ``` -* For manual execution add a `-e` option with each variable and value. +- For manual execution add a `-e` option with each variable and value. ### Setting up a cluster @@ -396,11 +401,11 @@ sudo chmod 400 LDAP configuration parameters must be specified if you wish to enable LDAP support for RabbitMQ. The following environment variables are available to configure LDAP support: -* `RABBITMQ_ENABLE_LDAP`: Enable the LDAP configuration. Defaults to `no`. -* `RABBITMQ_LDAP_TLS`: Enable secure LDAP configuration. Defaults to `no`. -* `RABBITMQ_LDAP_SERVERS`: Comma, semi-colon or space separated list of LDAP server hostnames. No defaults. -* `RABBITMQ_LDAP_SERVERS_PORT`: LDAP servers port. Defaults: **389** -* `RABBITMQ_LDAP_USER_DN_PATTERN`: DN used to bind to LDAP in the form `cn=$${username},dc=example,dc=org`.No defaults. +- `RABBITMQ_ENABLE_LDAP`: Enable the LDAP configuration. Defaults to `no`. +- `RABBITMQ_LDAP_TLS`: Enable secure LDAP configuration. Defaults to `no`. +- `RABBITMQ_LDAP_SERVERS`: Comma, semi-colon or space separated list of LDAP server hostnames. No defaults. +- `RABBITMQ_LDAP_SERVERS_PORT`: LDAP servers port. Defaults: **389** +- `RABBITMQ_LDAP_USER_DN_PATTERN`: DN used to bind to LDAP in the form `cn=$${username},dc=example,dc=org`.No defaults. > Note: To escape `$` in `RABBITMQ_LDAP_USER_DN_PATTERN` you need to use `$$`. @@ -527,54 +532,54 @@ docker-compose up rabbitmq ### 4.1.1-debian-12-r3 -* The environment variable `RABBITMQ_VHOSTS` can be used to set the default queue type for each virtual host using `:` separator: `RABBITMQ_VHOSTS=queue_name_0 queue_name_1:quorum` -* New enviroment variable `RABBITMQ_NODE_DEFAULT_QUEUE_TYPE` to set default queue type node-wide. +- The environment variable `RABBITMQ_VHOSTS` can be used to set the default queue type for each virtual host using `:` separator: `RABBITMQ_VHOSTS=queue_name_0 queue_name_1:quorum` +- New enviroment variable `RABBITMQ_NODE_DEFAULT_QUEUE_TYPE` to set default queue type node-wide. ### 3.8.16-debian-10-r28 -* Added several minor changes to make the container compatible with the [RabbitMQ Cluster Operator](https://github.com/rabbitmq/cluster-operator/): - * Add `/etc/rabbitmq`, `/var/log/rabbitmq` and `/var/lib/rabbitmq` as symlinks to the corresponding folders in `/opt/bitnami/rabbitmq`. - * Set the `RABBITMQ_SECURE_PASSWORD` password to `no` by default. This does not affect the Bitnami RabbitMQ helm as it sets that variable to `yes` by default. - * Enable the `rabbitmq-prometheus` plugin by default. +- Added several minor changes to make the container compatible with the [RabbitMQ Cluster Operator](https://github.com/rabbitmq/cluster-operator/): + - Add `/etc/rabbitmq`, `/var/log/rabbitmq` and `/var/lib/rabbitmq` as symlinks to the corresponding folders in `/opt/bitnami/rabbitmq`. + - Set the `RABBITMQ_SECURE_PASSWORD` password to `no` by default. This does not affect the Bitnami RabbitMQ helm as it sets that variable to `yes` by default. + - Enable the `rabbitmq-prometheus` plugin by default. ### 3.8.9-debian-10-r82 -* Add script to be used as preStop hook on K8s environments. It waits until queues have synchronised +- Add script to be used as preStop hook on K8s environments. It waits until queues have synchronised mirror before shutting down. ### 3.8.9-debian-10-r42 -* The environment variable `RABBITMQ_HASHED_PASSWORD` has not been used for some time. It is now +- The environment variable `RABBITMQ_HASHED_PASSWORD` has not been used for some time. It is now removed from documentation and validation. -* New boolean environment variable `RABBITMQ_LOAD_DEFINITIONS` to get behavior compatible with using +- New boolean environment variable `RABBITMQ_LOAD_DEFINITIONS` to get behavior compatible with using the `load_definitions` configuration. Initially this means that the password of `RABBITMQ_USERNAME` is not changed using `rabbitmqctl change_password`. ### 3.8.3-debian-10-r109 -* The default configuration file is created following the "sysctl" or "ini-like" format instead of using Erlang terms. Check [Official documentation](https://www.rabbitmq.com/configure.html#config-file-formats) for more information about supported formats. -* Migrating data/configuration from unsupported locations is not performed anymore. -* New environment variable `RABBITMQ_FORCE_BOOT` to force a node to start even if it was not the last to shut down. -* New environment variable `RABBITMQ_PLUGINS` to indicate a list of plugins to enable during the initialization. -* Add healthcheck scripts to be used on K8s environments. +- The default configuration file is created following the "sysctl" or "ini-like" format instead of using Erlang terms. Check [Official documentation](https://www.rabbitmq.com/configure.html#config-file-formats) for more information about supported formats. +- Migrating data/configuration from unsupported locations is not performed anymore. +- New environment variable `RABBITMQ_FORCE_BOOT` to force a node to start even if it was not the last to shut down. +- New environment variable `RABBITMQ_PLUGINS` to indicate a list of plugins to enable during the initialization. +- Add healthcheck scripts to be used on K8s environments. ### 3.8.0-r17, 3.8.0-ol-7-r26 -* LDAP authentication +- LDAP authentication ### 3.7.15-r18, 3.7.15-ol-7-r19 -* Decrease the size of the container. Node.js is not needed anymore. RabbitMQ configuration logic has been moved to bash scripts in the `rootfs` folder. -* Configuration is not persisted anymore. +- Decrease the size of the container. Node.js is not needed anymore. RabbitMQ configuration logic has been moved to bash scripts in the `rootfs` folder. +- Configuration is not persisted anymore. ### 3.7.7-r35 -* The RabbitMQ container includes a new environment variable `RABBITMQ_HASHED_PASSWORD` that allows setting password via SHA256 hash (consult [official documentation](https://www.rabbitmq.com/passwords.html) for more information about password hashes). -* Please note that password hashes must be generated following the [official algorithm](https://www.rabbitmq.com/passwords.html#computing-password-hash). You can use [this Python script](https://gist.githubusercontent.com/anapsix/4c3e8a8685ce5a3f0d7599c9902fd0d5/raw/1203a480fcec1982084b3528415c3cad26541b82/rmq_passwd_hash.py) to generate them. +- The RabbitMQ container includes a new environment variable `RABBITMQ_HASHED_PASSWORD` that allows setting password via SHA256 hash (consult [official documentation](https://www.rabbitmq.com/passwords.html) for more information about password hashes). +- Please note that password hashes must be generated following the [official algorithm](https://www.rabbitmq.com/passwords.html#computing-password-hash). You can use [this Python script](https://gist.githubusercontent.com/anapsix/4c3e8a8685ce5a3f0d7599c9902fd0d5/raw/1203a480fcec1982084b3528415c3cad26541b82/rmq_passwd_hash.py) to generate them. ### 3.7.7-r19 -* The RabbitMQ container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the RabbitMQ daemon was started as the `rabbitmq` user. From now on, both the container and the RabbitMQ daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The RabbitMQ container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the RabbitMQ daemon was started as the `rabbitmq` user. From now on, both the container and the RabbitMQ daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 3.6.5-r2 diff --git a/bitnami/rails/7/README.md b/bitnami/rails/7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/rails/7/README.md +++ b/bitnami/rails/7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/rails/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/rails/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/rails/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/rails/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/rails/README.md b/bitnami/rails/README.md index 59e6b7ea7aff..fbce32156541 100644 --- a/bitnami/rails/README.md +++ b/bitnami/rails/README.md @@ -17,23 +17,28 @@ docker run --name rails bitnami/rails:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [MariaDB container](https://github.com/bitnami/containers/blob/main/bitnami/mariadb#readme) for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Rails in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -101,31 +106,31 @@ docker-compose exec Following are a few examples of launching some commonly used Rails development commands inside the `myapp` service container. -* List all available rake tasks: +- List all available rake tasks: ```console docker-compose exec myapp bundle exec rake -T ``` -* Get information about the Rails environment: +- Get information about the Rails environment: ```console docker-compose exec myapp bundle exec rake about ``` -* Launch the Rails console: +- Launch the Rails console: ```console docker-compose exec myapp rails console ``` -* Generate a scaffold: +- Generate a scaffold: ```console docker-compose exec myapp rails generate scaffold User name:string email:string ``` -* Run database migrations: +- Run database migrations: ```console docker-compose exec myapp bundle exec rake db:migrate @@ -136,7 +141,7 @@ Following are a few examples of launching some commonly used Rails development c > Database migrations are automatically applied during the start up of the Rails Development Container. This means that the `myapp` service could also be restarted to apply the database migrations. > > ```console -> $ docker-compose restart myapp +> docker-compose restart myapp > ``` ## Environment variables @@ -217,7 +222,7 @@ When the `myapp` service container is restarted, it will install all the missing ## 6.0.2-2-debian-10-r52 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. ## Using `docker-compose.yaml` @@ -233,11 +238,11 @@ We'd love for you to contribute to this container. You can request new features If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/containers/issues/new). Be sure to include the following information in your issue: -* Host OS and version -* Docker version (`docker version`) -* Output of `docker info` -* Version of this container -* The command you used to run the container, and any relevant output you saw (masking any sensitive information) +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) ## License diff --git a/bitnami/ray/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ray/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/ray/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/ray/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/ray/README.md b/bitnami/ray/README.md index 9540929a5980..0d14e1f5704e 100644 --- a/bitnami/ray/README.md +++ b/bitnami/ray/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name ray bitnami/ray ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Ray in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Ray in production? Try [VMware Tanzu Application Catalog](https:/ Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker run -it --name ray -v /path/to/app:/app bitnami/ray \ **Further Reading:** -* [ray documentation](https://ray.iodocs/) +- [ray documentation](https://ray.iodocs/) ## Maintenance @@ -126,7 +131,7 @@ docker run --name ray bitnami/ray:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/rclone/README.md b/bitnami/rclone/README.md index 098f73bb058b..f89101923d4a 100644 --- a/bitnami/rclone/README.md +++ b/bitnami/rclone/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rclone bitnami/rclone:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use rClone in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Check the [official rClone documentation](https://rclone.org/docs/) for a list o ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/redis-cluster/6.2/README.md b/bitnami/redis-cluster/6.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-cluster/6.2/README.md +++ b/bitnami/redis-cluster/6.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-cluster/7.2/README.md b/bitnami/redis-cluster/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-cluster/7.2/README.md +++ b/bitnami/redis-cluster/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-cluster/7.4/README.md b/bitnami/redis-cluster/7.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-cluster/7.4/README.md +++ b/bitnami/redis-cluster/7.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-cluster/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/redis-cluster/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/redis-cluster/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/redis-cluster/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/redis-cluster/README.md b/bitnami/redis-cluster/README.md index 346a5b259356..4439882cb979 100644 --- a/bitnami/redis-cluster/README.md +++ b/bitnami/redis-cluster/README.md @@ -13,14 +13,25 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are docker run --name redis-cluster -e ALLOW_EMPTY_PASSWORD=yes bitnami/redis-cluster:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Redis® Cluster in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Redis® Cluster in production? Try [VMware Tanzu Application C Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Redis(R) Cluster Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/redis-exporter/README.md b/bitnami/redis-exporter/README.md index 3c5e5b832a90..bbca7e5c7f47 100644 --- a/bitnami/redis-exporter/README.md +++ b/bitnami/redis-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name redis-exporter bitnami/redis-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Redis Exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Redis Exporter in production? Try [VMware Tanzu Application Catal Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -142,7 +147,7 @@ docker run --name redis-exporter bitnami/redis-exporter:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/redis-sentinel/6.2/README.md b/bitnami/redis-sentinel/6.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-sentinel/6.2/README.md +++ b/bitnami/redis-sentinel/6.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-sentinel/7.2/README.md b/bitnami/redis-sentinel/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-sentinel/7.2/README.md +++ b/bitnami/redis-sentinel/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-sentinel/7.4/README.md b/bitnami/redis-sentinel/7.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis-sentinel/7.4/README.md +++ b/bitnami/redis-sentinel/7.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis-sentinel/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/redis-sentinel/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/redis-sentinel/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/redis-sentinel/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/redis-sentinel/README.md b/bitnami/redis-sentinel/README.md index 011f46367155..b6e39f6ea171 100644 --- a/bitnami/redis-sentinel/README.md +++ b/bitnami/redis-sentinel/README.md @@ -15,14 +15,25 @@ docker run --name redis-sentinel -e REDIS_MASTER_HOST=redis bitnami/redis-sentin **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Redis® Sentinel in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Redis® Sentinel in production? Try [VMware Tanzu Application Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -271,15 +276,15 @@ docker run --name redis bitnami/redis-sentinel:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 4.0.14-debian-9-r201, 4.0.14-ol-7-r222, 5.0.5-debian-9-r169, 5.0.5-ol-7-r175 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. ### 4.0.10-r25 -* The Redis(R) sentinel container has been migrated to a non-root container approach. Previously the container run as `root` user and the redis daemon was started as `redis` user. From now own, both the container and the redis daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the redis process. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Redis(R) sentinel container has been migrated to a non-root container approach. Previously the container run as `root` user and the redis daemon was started as `redis` user. From now own, both the container and the redis daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the redis process. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Contributing diff --git a/bitnami/redis/6.2/README.md b/bitnami/redis/6.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis/6.2/README.md +++ b/bitnami/redis/6.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis/7.2/README.md b/bitnami/redis/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis/7.2/README.md +++ b/bitnami/redis/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis/7.4/README.md b/bitnami/redis/7.4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redis/7.4/README.md +++ b/bitnami/redis/7.4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redis/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/redis/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/redis/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/redis/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/redis/README.md b/bitnami/redis/README.md index d8be58a01778..33460a935925 100644 --- a/bitnami/redis/README.md +++ b/bitnami/redis/README.md @@ -15,14 +15,25 @@ docker run --name redis -e ALLOW_EMPTY_PASSWORD=yes bitnami/redis:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Redis® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -235,7 +240,7 @@ docker-compose up -d For security reasons, you may want to disable some commands. You can specify them by using the following environment variable on the first run: -* `REDIS_DISABLE_COMMANDS`: Comma-separated list of Redis(R) commands to disable. Defaults to empty. +- `REDIS_DISABLE_COMMANDS`: Comma-separated list of Redis(R) commands to disable. Defaults to empty. ```console docker run --name redis -e REDIS_DISABLE_COMMANDS=FLUSHDB,FLUSHALL,CONFIG bitnami/redis:latest @@ -402,12 +407,12 @@ services: A [replication](https://redis.io/topics/replication) cluster can easily be setup with the Bitnami Redis(R) Docker Image using the following environment variables: -* `REDIS_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. -* `REDIS_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. -* `REDIS_REPLICA_PORT`: The replication announce port. Defaults to `REDIS_MASTER_PORT_NUMBER`. -* `REDIS_MASTER_HOST`: Hostname/IP of replication master (replica node parameter). No defaults. -* `REDIS_MASTER_PORT_NUMBER`: Server port of the replication master (replica node parameter). Defaults to `6379`. -* `REDIS_MASTER_PASSWORD`: Password to authenticate with the master (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set the `REDIS_MASTER_PASSWORD_FILE` variable. +- `REDIS_REPLICATION_MODE`: The replication mode. Possible values `master`/`slave`. No defaults. +- `REDIS_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. +- `REDIS_REPLICA_PORT`: The replication announce port. Defaults to `REDIS_MASTER_PORT_NUMBER`. +- `REDIS_MASTER_HOST`: Hostname/IP of replication master (replica node parameter). No defaults. +- `REDIS_MASTER_PORT_NUMBER`: Server port of the replication master (replica node parameter). Defaults to `6379`. +- `REDIS_MASTER_PASSWORD`: Password to authenticate with the master (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set the `REDIS_MASTER_PASSWORD_FILE` variable. In a replication cluster you can have one master and zero or more replicas. When replication is enabled the master node is in read-write mode, while the replicas are in read-only mode. For best performance its advisable to limit the reads to the replicas. @@ -495,14 +500,14 @@ The above command scales up the number of replicas to `3`. You can scale down in Starting with version 6, Redis(R) adds the support for SSL/TLS connections. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `REDIS_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `REDIS_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. -* `REDIS_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `REDIS_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `REDIS_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `REDIS_TLS_CA_DIR`). No defaults. -* `REDIS_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. -* `REDIS_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. -* `REDIS_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. +- `REDIS_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `REDIS_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. +- `REDIS_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `REDIS_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `REDIS_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `REDIS_TLS_CA_DIR`). No defaults. +- `REDIS_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. +- `REDIS_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. +- `REDIS_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. When enabling TLS, conventional standard traffic is disabled by default. However this new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To enable non-TLS traffic, set `REDIS_TLS_PORT_NUMBER` to another port different than `0`. @@ -699,18 +704,18 @@ docker-compose up redis ### 5.0.8-debian-10-r24 -* The recommended mount point to use a custom `redis.conf` changes from `/opt/bitnami/redis/etc/` to `/opt/bitnami/redis/mounted-etc/`. +- The recommended mount point to use a custom `redis.conf` changes from `/opt/bitnami/redis/etc/` to `/opt/bitnami/redis/mounted-etc/`. ### 5.0.0-r0 -* Starting with Redis(R) 5.0 the command [REPLICAOF](https://redis.io/commands/replicaof) is available in favor of `SLAVEOF`. For backward compatibility with previous versions, `slave` replication mode is still supported. We encourage the use of the `REPLICAOF` command if you are using Redis(R) 5.0. +- Starting with Redis(R) 5.0 the command [REPLICAOF](https://redis.io/commands/replicaof) is available in favor of `SLAVEOF`. For backward compatibility with previous versions, `slave` replication mode is still supported. We encourage the use of the `REPLICAOF` command if you are using Redis(R) 5.0. ### 4.0.1-r24 -* Decrease the size of the container. It is not necessary Node.js anymore. Redis(R) configuration moved to bash scripts in the `rootfs/` folder. -* The recommended mount point to persist data changes to `/bitnami/redis/data`. -* The main `redis.conf` file is not persisted in a volume. The path is `/opt/bitnami/redis/mounted-etc/redis.conf`. -* Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: +- Decrease the size of the container. It is not necessary Node.js anymore. Redis(R) configuration moved to bash scripts in the `rootfs/` folder. +- The recommended mount point to persist data changes to `/bitnami/redis/data`. +- The main `redis.conf` file is not persisted in a volume. The path is `/opt/bitnami/redis/mounted-etc/redis.conf`. +- Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it: ```bash docker-compose down @@ -727,13 +732,13 @@ docker-compose up -d ### 4.0.1-r1 -* The redis container has been migrated to a non-root container approach. Previously the container run as `root` user and the redis daemon was started as `redis` user. From now own, both the container and the redis daemon run as user `1001`. +- The redis container has been migrated to a non-root container approach. Previously the container run as `root` user and the redis daemon was started as `redis` user. From now own, both the container and the redis daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the redis process. ### 3.2.0-r0 -* All volumes have been merged at `/bitnami/redis`. Now you only need to mount a single volume at `/bitnami/redis` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/redis`. Now you only need to mount a single volume at `/bitnami/redis` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/redmine/5/README.md b/bitnami/redmine/5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/redmine/5/README.md +++ b/bitnami/redmine/5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/redmine/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/redmine/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/redmine/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/redmine/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/redmine/README.md b/bitnami/redmine/README.md index 64233d6aaea6..7ac93c801854 100644 --- a/bitnami/redmine/README.md +++ b/bitnami/redmine/README.md @@ -15,14 +15,25 @@ docker run --name redmine bitnami/redmine:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Redmine in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Redmine in production? Try [VMware Tanzu Application Catalog](htt Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Redmine Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/redmine). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -241,7 +246,7 @@ docker run -d --name redmine \ When you start the Redmine image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: ```yaml redmine: @@ -251,7 +256,7 @@ When you start the Redmine image, you can adjust the configuration of the instan ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name redmine -p 80:8080 -p 443:8443 \ @@ -267,7 +272,7 @@ When you start the Redmine image, you can adjust the configuration of the instan This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: ```yaml redmine: @@ -283,7 +288,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name redmine -p 80:8080 -p 443:8443 \ @@ -302,7 +307,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami Redmine container supports connecting the Redmine application to an external database. This would be an example of using an external database for Redmine. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/redmine/docker-compose.yml) file present in this repository: ```diff redmine: @@ -318,7 +323,7 @@ The Bitnami Redmine container supports connecting the Redmine application to an ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name redmine\ @@ -359,8 +364,8 @@ The Bitnami Redmine Docker image is designed to be extended. Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the port used by Redmine by setting the environment variable `REDMINE_PORT_NUMBER`. -* You can mount your custom scripts under `/docker-entrypoint-init.d` directory. These scripts will be executed in alphabetical order when the container during the 1st container bootstrap. +- Settings that can be adapted using environment variables. For instance, you can change the port used by Redmine by setting the environment variable `REDMINE_PORT_NUMBER`. +- You can mount your custom scripts under `/docker-entrypoint-init.d` directory. These scripts will be executed in alphabetical order when the container during the 1st container bootstrap. If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -476,13 +481,13 @@ docker-compose up -d ### 4.2.1-debian-10-r70 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* It is now possible to use an already populated Redmine database from another installation. In order to do this, use the environment variable `REDMINE_SKIP_BOOTSTRAP`, which forces the container not to run the initial Redmine setup wizard. -* The following environment variables have been deprecated. They will continue to work as before, but support for these may be removed in a future update: +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- It is now possible to use an already populated Redmine database from another installation. In order to do this, use the environment variable `REDMINE_SKIP_BOOTSTRAP`, which forces the container not to run the initial Redmine setup wizard. +- The following environment variables have been deprecated. They will continue to work as before, but support for these may be removed in a future update: - * `REDMINE_DB_POSTGRES` in favor of `REDMINE_DATABASE_HOST`. When used, `REDMINE_DATABASE_TYPE=postgresql` will also be set. - * `REDMINE_DB_MYSQL`, in favor of `REDMINE_DATABASE_HOST`. Whenused, `REDMINE_DATABASE_TYPE=mariadb` will also be set. + - `REDMINE_DB_POSTGRES` in favor of `REDMINE_DATABASE_HOST`. When used, `REDMINE_DATABASE_TYPE=postgresql` will also be set. + - `REDMINE_DB_MYSQL`, in favor of `REDMINE_DATABASE_HOST`. Whenused, `REDMINE_DATABASE_TYPE=mariadb` will also be set. ## Contributing diff --git a/bitnami/rmq-default-credential-updater/README.md b/bitnami/rmq-default-credential-updater/README.md index b735e8737623..49338d96d493 100644 --- a/bitnami/rmq-default-credential-updater/README.md +++ b/bitnami/rmq-default-credential-updater/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rmq-default-credential-updater bitnami/rmq-default-credential-updater:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use RabbitMQ Default User Credential Updater in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official RabbitMQ Default User Credential Updater documentation](http ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/rmq-messaging-topology-operator/README.md b/bitnami/rmq-messaging-topology-operator/README.md index 2f6afabed246..ba8738e1c6f4 100644 --- a/bitnami/rmq-messaging-topology-operator/README.md +++ b/bitnami/rmq-messaging-topology-operator/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rmq-default-credential-updater bitnami/rmq-messaging-topology-operator:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use RabbitMQ Messaging Topology Operator in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,7 +85,7 @@ Check the [official RabbitMQ Messaging Topology Operator documentation](https:// ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/ruby/3.2/README.md b/bitnami/ruby/3.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ruby/3.2/README.md +++ b/bitnami/ruby/3.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ruby/3.3/README.md b/bitnami/ruby/3.3/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/ruby/3.3/README.md +++ b/bitnami/ruby/3.3/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/ruby/README.md b/bitnami/ruby/README.md index 3d5fe1b7615b..edf1ef1b248a 100644 --- a/bitnami/ruby/README.md +++ b/bitnami/ruby/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name ruby bitnami/ruby:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Ruby in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -46,9 +51,9 @@ The `prod` tags has been removed; from now on just the regular container images The formatting convention for `prod` tags has been changed: -* `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` -* `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` -* `latest-prod` is now deprecated +- `BRANCH-debian-10-prod` is now tagged as `BRANCH-prod-debian-10` +- `VERSION-debian-10-rX-prod` is now tagged as `VERSION-prod-debian-10-rX` +- `latest-prod` is now deprecated ## Get this image @@ -82,7 +87,7 @@ docker run -it --name ruby bitnami/ruby:latest **Further Reading:** -* [Ruby IRB Documentation](http://ruby-doc.org/stdlib-2.4.0/libdoc/irb/rdoc/IRB.html) +- [Ruby IRB Documentation](http://ruby-doc.org/stdlib-2.4.0/libdoc/irb/rdoc/IRB.html) ## Configuration @@ -117,8 +122,8 @@ ruby: **Further Reading:** -* [rubygems.org](https://rubygems.org/) -* [bundler.io](http://bundler.io/) +- [rubygems.org](https://rubygems.org/) +- [bundler.io](http://bundler.io/) ### Accessing a Ruby app running a web server @@ -294,15 +299,15 @@ docker-compose up ruby ### 2.3.1-r0 (2016-05-11) -* Commands are now executed as the `root` user. Use the `--user` argument to switch to another user or change to the required user using `sudo` to launch applications. Alternatively, as of Docker 1.10 User Namespaces are supported by the docker daemon. Refer to the [daemon user namespace options](https://docs.docker.com/engine/security/userns-remap/) for more details. +- Commands are now executed as the `root` user. Use the `--user` argument to switch to another user or change to the required user using `sudo` to launch applications. Alternatively, as of Docker 1.10 User Namespaces are supported by the docker daemon. Refer to the [daemon user namespace options](https://docs.docker.com/engine/security/userns-remap/) for more details. ### 2.2.3-0-r02 (2015-09-30) -* `/app` directory no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume were not persisted between RUN commands. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. +- `/app` directory no longer exported as a volume. This caused problems when building on top of the image, since changes in the volume were not persisted between RUN commands. To keep the previous behavior (so that you can mount the volume in another container), create the container with the `-v /app` option. ### 2.2.3-0-r01 (2015-08-26) -* Permissions fixed so `bitnami` user can install gems without needing `sudo`. +- Permissions fixed so `bitnami` user can install gems without needing `sudo`. ## Using `docker-compose.yaml` diff --git a/bitnami/rust/README.md b/bitnami/rust/README.md index 691aa4295565..6111fcb93467 100644 --- a/bitnami/rust/README.md +++ b/bitnami/rust/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rust bitnami/rust:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Rust in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Rust in production? Try [VMware Tanzu Application Catalog](https: Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/schema-registry/7.5/README.md b/bitnami/schema-registry/7.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/schema-registry/7.5/README.md +++ b/bitnami/schema-registry/7.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/schema-registry/7.6/README.md b/bitnami/schema-registry/7.6/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/schema-registry/7.6/README.md +++ b/bitnami/schema-registry/7.6/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/schema-registry/7.7/README.md b/bitnami/schema-registry/7.7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/schema-registry/7.7/README.md +++ b/bitnami/schema-registry/7.7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/schema-registry/7.8/README.md b/bitnami/schema-registry/7.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/schema-registry/7.8/README.md +++ b/bitnami/schema-registry/7.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/schema-registry/7.9/README.md b/bitnami/schema-registry/7.9/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/schema-registry/7.9/README.md +++ b/bitnami/schema-registry/7.9/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/schema-registry/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/schema-registry/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/schema-registry/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/schema-registry/8.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/schema-registry/README.md b/bitnami/schema-registry/README.md index 266f3989765c..1c4a27e2febf 100644 --- a/bitnami/schema-registry/README.md +++ b/bitnami/schema-registry/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name schema-registry bitnami/schema-registry:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Confluent Schema Registry in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -105,7 +110,7 @@ docker build -t bitnami/APP:latest . When you start the Confluent Schema Registry image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. Please note that some variables are only considered when the container is started for the first time. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/schema-registry/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/schema-registry/docker-compose.yml) file present in this repository: ```yaml schema-registry: @@ -115,7 +120,7 @@ When you start the Confluent Schema Registry image, you can adjust the configura ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name schema-registry -p 8081:8081 \ diff --git a/bitnami/scylladb/2025.1/README.md b/bitnami/scylladb/2025.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/scylladb/2025.1/README.md +++ b/bitnami/scylladb/2025.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/scylladb/2025.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/scylladb/2025.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/scylladb/2025.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/scylladb/2025.2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/scylladb/README.md b/bitnami/scylladb/README.md index 2f2dc515704c..a186caf3b638 100644 --- a/bitnami/scylladb/README.md +++ b/bitnami/scylladb/README.md @@ -15,14 +15,25 @@ docker run --name scylladb bitnami/scylladb:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use ScyllaDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Non-root container images add an extra layer of security and are generally recom Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami ScyllaDB Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/scylladb). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/). @@ -261,10 +266,10 @@ docker-compose up -d Additionally, any environment variable beginning with the following prefix will be mapped to its corresponding ScyllaDB key in the proper file: -* `SCYLLADB_CFG_ENV_`: Will add the corresponding key and the provided value to `scylladb-env.sh`. -* `SCYLLADB_CFG_RACKDC_`: Will add the corresponding key and the provided value to `scylladb-rackdc.properties`. -* `SCYLLADB_CFG_COMMITLOG_`: Will add the corresponding key and the provided value to `commitlog_archiving.properties`. -* `SCYLLADB_CFG_YAML_`: Will add the corresponding key and the provided value to `scylladb.yaml`. +- `SCYLLADB_CFG_ENV_`: Will add the corresponding key and the provided value to `scylladb-env.sh`. +- `SCYLLADB_CFG_RACKDC_`: Will add the corresponding key and the provided value to `scylladb-rackdc.properties`. +- `SCYLLADB_CFG_COMMITLOG_`: Will add the corresponding key and the provided value to `commitlog_archiving.properties`. +- `SCYLLADB_CFG_YAML_`: Will add the corresponding key and the provided value to `scylladb.yaml`. For example, use `SCYLLADB_CFG_RACKDC_PREFER_LOCAL=true` in order to configure `prefer_local` in `scylladb-rackdc.properties`. Or, use `SCYLLADB_CFG_YAML_INTERNODE_COMPRESSION=all` in order to set `internode_compression` to `all` in `scylladb.yaml`. @@ -272,7 +277,7 @@ For example, use `SCYLLADB_CFG_RACKDC_PREFER_LOCAL=true` in order to configure ` When you start the scylladb image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section: +- For docker-compose add the variable name and value under the application section: ```yaml scylladb: @@ -281,7 +286,7 @@ scylladb: - SCYLLADB_TRANSPORT_PORT_NUMBER=7000 ``` -* For manual execution add a `-e` option with each variable and value: +- For manual execution add a `-e` option with each variable and value: ```console $ docker run --name scylladb -d -p 7000:7000 --network=scylladb_network \ @@ -442,15 +447,15 @@ Refer to the [configuration](http://docs.datastax.com/en/scylladb/3.x/scylladb/c The Bitnami ScyllaDB Docker image allows configuring TLS encryption between nodes and between server-client. This is done by mounting in `/bitnami/scylladb/secrets` two files: -* `keystore`: File with the server keystore -* `truststore`: File with the server truststore +- `keystore`: File with the server keystore +- `truststore`: File with the server truststore Apart from that, the following environment variables must be set: -* `SCYLLADB_KEYSTORE_PASSWORD`: Password for accessing the keystore. -* `SCYLLADB_TRUSTSTORE_PASSWORD`: Password for accessing the truststore. -* `SCYLLADB_INTERNODE_ENCRYPTION`: Sets the type of encryption between nodes. The default value is `none`. Can be set to `all`, `none`, `dc` or `rack`. -* `SCYLLADB_CLIENT_ENCRYPTION`: Enables client-server encryption. The default value is `false`. +- `SCYLLADB_KEYSTORE_PASSWORD`: Password for accessing the keystore. +- `SCYLLADB_TRUSTSTORE_PASSWORD`: Password for accessing the truststore. +- `SCYLLADB_INTERNODE_ENCRYPTION`: Sets the type of encryption between nodes. The default value is `none`. Can be set to `all`, `none`, `dc` or `rack`. +- `SCYLLADB_CLIENT_ENCRYPTION`: Enables client-server encryption. The default value is `false`. ## Logging diff --git a/bitnami/sealed-secrets-controller/README.md b/bitnami/sealed-secrets-controller/README.md index 946d41da2eae..85fbcd2ae17f 100644 --- a/bitnami/sealed-secrets-controller/README.md +++ b/bitnami/sealed-secrets-controller/README.md @@ -12,23 +12,28 @@ docker run --name sealed-secrets bitnami/sealed-secrets:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Sealed Secrets in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -73,7 +78,7 @@ docker run --rm --name sealed-secrets bitnami/sealed-secrets:latest -- kubeseal ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/sealed-secrets-kubeseal/README.md b/bitnami/sealed-secrets-kubeseal/README.md index 7d6e4a4161e6..1e2d26de5ca4 100644 --- a/bitnami/sealed-secrets-kubeseal/README.md +++ b/bitnami/sealed-secrets-kubeseal/README.md @@ -12,23 +12,28 @@ docker run --name sealed-secrets-kubeseal bitnami/sealed-secrets-kubeseal:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Kubeseal (Sealed Secrets) in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -73,7 +78,7 @@ docker run --rm --name sealed-secrets-kubeseal bitnami/sealed-secrets-kubeseal:l ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/seaweedfs/README.md b/bitnami/seaweedfs/README.md index 387f229ce998..0c15d78b2c57 100644 --- a/bitnami/seaweedfs/README.md +++ b/bitnami/seaweedfs/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name seaweedfs bitnami/seaweedfs:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use SeaweedFS in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/solr/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/solr/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/solr/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/solr/9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/solr/README.md b/bitnami/solr/README.md index 82c754cd4d67..47229f99c889 100644 --- a/bitnami/solr/README.md +++ b/bitnami/solr/README.md @@ -15,23 +15,28 @@ docker run --name solr bitnami/solr:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Solr in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -318,23 +323,23 @@ docker-compose up solr ### 8.11.3-debian-12-r2 and 9.5.0-debian-12-r7 -* Remove HDFS modules due to CVEs +- Remove HDFS modules due to CVEs ### 8.8.0-debian-10-r11 -* Adds SSL support. +- Adds SSL support. ### 8.8.0-debian-10-r9 -* The Solr container initialization logic has been moved to Bash scripts. -* The size of the container image has been decreased. -* Added the support for cloud mode. -* Added support for authentication and admin user creation. -* Data migration for the upgrades. If you are running an older version of this container, run this version as user `root` and it will migrate your current data. +- The Solr container initialization logic has been moved to Bash scripts. +- The size of the container image has been decreased. +- Added the support for cloud mode. +- Added support for authentication and admin user creation. +- Data migration for the upgrades. If you are running an older version of this container, run this version as user `root` and it will migrate your current data. ### 7.4.0-r23 -* The Solr container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Solr daemon was started as the `solr` user. From now on, both the container and the Solr daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Solr container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Solr daemon was started as the `solr` user. From now on, both the container and the Solr daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ## Using `docker-compose.yaml` diff --git a/bitnami/sonarqube/24/README.md b/bitnami/sonarqube/24/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/sonarqube/24/README.md +++ b/bitnami/sonarqube/24/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/sonarqube/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/sonarqube/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/sonarqube/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/sonarqube/25/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/sonarqube/9/README.md b/bitnami/sonarqube/9/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/sonarqube/9/README.md +++ b/bitnami/sonarqube/9/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/sonarqube/README.md b/bitnami/sonarqube/README.md index ab38ca89bdca..26791748cc23 100644 --- a/bitnami/sonarqube/README.md +++ b/bitnami/sonarqube/README.md @@ -15,14 +15,25 @@ docker run --name sonarqube bitnami/sonarqube:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use SonarQube™ in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use SonarQube™ in production? Try [VMware Tanzu Application Cat Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -249,7 +254,7 @@ docker run -d --name sonarqube \ When you start the SonarQube™ image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: ```yaml sonarqube: @@ -259,7 +264,7 @@ When you start the SonarQube™ image, you can adjust the configuration of t ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name sonarqube -p 80:8080 -p 443:8443 \ @@ -275,7 +280,7 @@ When you start the SonarQube™ image, you can adjust the configuration of t This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: ```yaml sonarqube: @@ -291,7 +296,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name sonarqube -p 80:8080 -p 443:8443 \ @@ -310,7 +315,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami SonarQube™ container supports connecting the SonarQube™ application to an external database. This would be an example of using an external database for SonarQube™. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/sonarqube/docker-compose.yml) file present in this repository: ```diff sonarqube: @@ -326,7 +331,7 @@ The Bitnami SonarQube™ container supports connecting the SonarQube™ ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name sonarqube\ @@ -454,10 +459,10 @@ docker-compose up -d ### 9.0.0-debian-10-r0 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* The SonarQube™ container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the SonarQube™ daemon was started as the `sonarqube` user. From now on, both the container and the SonarQube™ daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the SonarQube™ site by exporting its content, and importing it on a new SonarQube™ container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The SonarQube™ container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the SonarQube™ daemon was started as the `sonarqube` user. From now on, both the container and the SonarQube™ daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences: + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the SonarQube™ site by exporting its content, and importing it on a new SonarQube™ container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container. ## Contributing diff --git a/bitnami/spark/3.5/README.md b/bitnami/spark/3.5/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/spark/3.5/README.md +++ b/bitnami/spark/3.5/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/spark/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/spark/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/spark/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/spark/4.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/spark/README.md b/bitnami/spark/README.md index 24d7243497d2..f3540e08620a 100644 --- a/bitnami/spark/README.md +++ b/bitnami/spark/README.md @@ -17,14 +17,25 @@ docker run --name spark bitnami/spark:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Spark in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -36,12 +47,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -123,7 +128,7 @@ For example, you could still use `SPARK_WORKER_CORES` or `SPARK_WORKER_MEMORY` t When you start the spark image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/spark/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/spark/docker-compose.yml) file present in this repository: ```yaml spark: @@ -133,7 +138,7 @@ spark: ... ``` -* For manual execution add a -e option with each variable and value: +- For manual execution add a -e option with each variable and value: ```console docker run -d --name spark \ @@ -360,15 +365,15 @@ docker-compose up spark ### 4.0.0-debian-10-r2 -* The container image was updated to use `hadoop-aws` `3.4.x` and `aws-java-sdk` was removed. If you want to use a different version, please read [Using a different version of Hadoop jars](#using-a-different-version-of-hadoop-jars). +- The container image was updated to use `hadoop-aws` `3.4.x` and `aws-java-sdk` was removed. If you want to use a different version, please read [Using a different version of Hadoop jars](#using-a-different-version-of-hadoop-jars). ### 3.0.0-debian-10-r44 -* The container image was updated to use `hadoop-aws` `3.2.x`. If you want to use a different version, please read [Using a different version of Hadoop jars](#using-a-different-version-of-hadoop-jars). +- The container image was updated to use `hadoop-aws` `3.2.x`. If you want to use a different version, please read [Using a different version of Hadoop jars](#using-a-different-version-of-hadoop-jars). ### 2.4.5-debian-10-r49 -* This image now has an aws-cli and two jars: `hadoop-aws` and `aws-java-sdk` for provide an easier way to use AWS. +- This image now has an aws-cli and two jars: `hadoop-aws` and `aws-java-sdk` for provide an easier way to use AWS. ## Using `docker-compose.yaml` diff --git a/bitnami/statsd-exporter/README.md b/bitnami/statsd-exporter/README.md index 8a7c56bd61ea..f289c7f1a709 100644 --- a/bitnami/statsd-exporter/README.md +++ b/bitnami/statsd-exporter/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name statsd-exporter bitnami/statsd-exporter:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use StatsD exporter in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use StatsD exporter in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/suitecrm/7/README.md b/bitnami/suitecrm/7/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/suitecrm/7/README.md +++ b/bitnami/suitecrm/7/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/suitecrm/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/suitecrm/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/suitecrm/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/suitecrm/8/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/suitecrm/README.md b/bitnami/suitecrm/README.md index af785f92560b..a75fcb8f9afe 100644 --- a/bitnami/suitecrm/README.md +++ b/bitnami/suitecrm/README.md @@ -15,23 +15,28 @@ docker run --name suitecrm bitnami/suitecrm:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use SuiteCRM in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -237,7 +242,7 @@ docker run -d --name suitecrm \ When you start the SuiteCRM image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/suitecrm/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/suitecrm/docker-compose.yml) file present in this repository: ```yaml suitecrm: @@ -247,7 +252,7 @@ suitecrm: ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console docker run -d --name suitecrm -p 80:8080 -p 443:8443 \ @@ -261,7 +266,7 @@ suitecrm: This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/suitecrm/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/suitecrm/docker-compose.yml) file present in this repository: ```yaml suitecrm: @@ -278,7 +283,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console docker run -d --name suitecrm -p 80:8080 -p 443:8443 \ @@ -407,10 +412,10 @@ The Bitnami SuiteCRM Docker image is designed to be extended so it can be used a Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -424,9 +429,9 @@ FROM bitnami/suitecrm Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache ```Dockerfile FROM bitnami/suitecrm @@ -475,12 +480,12 @@ RUN openssl genrsa -out /opt/bitnami/suitecrm/Api/V8/OAuth2/private.key 2048 && ### 7.11.18-debian-10-r13 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* `SUITECRM_HTTP_TIMEOUT` environment variable has been removed. -* The SuiteCRM container now supports the "non-root" user approach, but it still runs as the root user by default. When running as a non-root user, all services will be run under the same user and Cron jobs will be disabled as crond requires to be run as a superuser. To run as a non-root user, change USER root to USER 1001 in the Dockerfile, or use user: 1001 in docker-compose.yml. Related changes: -* The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. -* Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the SuiteCRM site by exporting its content, and importing it on a new SuiteCRM container. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- `SUITECRM_HTTP_TIMEOUT` environment variable has been removed. +- The SuiteCRM container now supports the "non-root" user approach, but it still runs as the root user by default. When running as a non-root user, all services will be run under the same user and Cron jobs will be disabled as crond requires to be run as a superuser. To run as a non-root user, change USER root to USER 1001 in the Dockerfile, or use user: 1001 in docker-compose.yml. Related changes: +- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. +- Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the SuiteCRM site by exporting its content, and importing it on a new SuiteCRM container. To upgrade a deployment with the previous Bitnami SuiteCRM container image, which did not support non-root, the easiest way is to start the new image as a *root* user and updating the port numbers. Modify your `docker-compose.yml` file as follows: @@ -497,14 +502,14 @@ To upgrade a deployment with the previous Bitnami SuiteCRM container image, whic ### 7.11.4-debian-9-r21 and 7.11.4-ol-7-r32 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ### 7.10.10-debian-9-r18 and 7.10.10-ol-7-r24 -* Due to several broken SuiteCRM features and plugins, the entire `htdocs` directory is now being persisted (instead of a select number of files and directories). Because of this, upgrades will not work and a full migration needs to be performed. Upgrade instructions have been updated to reflect these changes. +- Due to several broken SuiteCRM features and plugins, the entire `htdocs` directory is now being persisted (instead of a select number of files and directories). Because of this, upgrades will not work and a full migration needs to be performed. Upgrade instructions have been updated to reflect these changes. ## Contributing diff --git a/bitnami/superset/4/README.md b/bitnami/superset/4/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/superset/4/README.md +++ b/bitnami/superset/4/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/superset/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/superset/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/superset/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/superset/5/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/superset/README.md b/bitnami/superset/README.md index 78e6cbb0e5c6..75a02161388f 100644 --- a/bitnami/superset/README.md +++ b/bitnami/superset/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name superset bitnami/superset ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Superset in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Apache Superset in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -86,7 +91,7 @@ docker run -it --name superset -v /path/to/app:/app bitnami/superset \ **Further Reading:** -* [Superset documentation](https://superset.apache.org/docs/) +- [Superset documentation](https://superset.apache.org/docs/) ## Maintenance diff --git a/bitnami/telegraf/README.md b/bitnami/telegraf/README.md index d406a848bfdb..3e12e18df6f1 100644 --- a/bitnami/telegraf/README.md +++ b/bitnami/telegraf/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name telegraf bitnami/telegraf:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Telegraf ™ in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -76,7 +81,7 @@ Check the [official Telegraf documentation](https://docs.influxdata.com/telegraf ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/tensorflow-resnet/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/tensorflow-resnet/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/tensorflow-resnet/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/tensorflow-resnet/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/tensorflow-resnet/README.md b/bitnami/tensorflow-resnet/README.md index c200bc53b725..765fff16ec97 100644 --- a/bitnami/tensorflow-resnet/README.md +++ b/bitnami/tensorflow-resnet/README.md @@ -18,14 +18,25 @@ curl -o resnet_50_classification_1.tar.gz https://storage.googleapis.com/tfhub-m tar xzf resnet_50_classification_1.tar.gz -C 1 ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use TensorFlow ResNet in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Looking to use TensorFlow ResNet in production? Try [VMware Tanzu Application Ca Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -91,7 +96,7 @@ Bitnami provides up-to-date versions of Tensorflow-Serving and TensorFlow ResNet 2. Stop your container - * `$ docker stop tensorflow-resnet` + - `$ docker stop tensorflow-resnet` 3. Take a snapshot of the application state @@ -105,11 +110,11 @@ You can use these snapshots to restore the application state should the upgrade 1. Remove the currently running container - * `$ docker rm tensorflow-resnet` + - `$ docker rm tensorflow-resnet` 2. Run the new image - * Mount the directories if needed: `docker run --name tensorflow-resnet bitnami/tensorflow-resnet:latest` + - Mount the directories if needed: `docker run --name tensorflow-resnet bitnami/tensorflow-resnet:latest` ## Configuration @@ -160,11 +165,11 @@ Tensorflow Resnet can be customized by specifying environment variables on the f ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ### 2.4.1-debian-10-r87 -* The container initialization logic is now using bash. +- The container initialization logic is now using bash. ## Contributing diff --git a/bitnami/tensorflow-serving/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/tensorflow-serving/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/tensorflow-serving/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/tensorflow-serving/2/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/tensorflow-serving/README.md b/bitnami/tensorflow-serving/README.md index 095143584f48..1bc3f0c88e7c 100644 --- a/bitnami/tensorflow-serving/README.md +++ b/bitnami/tensorflow-serving/README.md @@ -15,14 +15,25 @@ docker run --name tensorflow-serving bitnami/tensorflow-serving:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use TensorFlow Serving in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use TensorFlow Serving in production? Try [VMware Tanzu Application C Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -351,16 +356,16 @@ docker-compose start tensorflow-serving ### 2.5.1-debian-10-r12 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the rootfs/ folder. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the rootfs/ folder. ### 1.12.0-r34 -* The TensorFlow Serving container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the TensorFlow Serving daemon was started as the `tensorflow` user. From now on, both the container and the TensorFlow Serving daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The TensorFlow Serving container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the TensorFlow Serving daemon was started as the `tensorflow` user. From now on, both the container and the TensorFlow Serving daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 1.8.0-r12, 1.8.0-debian-9-r1, 1.8.0-ol-7-r11 -* The default serving port has changed from 9000 to 8500. +- The default serving port has changed from 9000 to 8500. ## Using `docker-compose.yaml` diff --git a/bitnami/tensorflow/README.md b/bitnami/tensorflow/README.md index 32f073ac8bf4..2a335dfc3f5a 100644 --- a/bitnami/tensorflow/README.md +++ b/bitnami/tensorflow/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name tensorflow bitnami/tensorflow ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Tensorflow in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Tensorflow in production? Try [VMware Tanzu Application Catalog]( Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -94,7 +99,7 @@ docker run -it --name tensorflow -v /path/to/app:/app bitnami/tensorflow \ **Further Reading:** -* [tensorflow documentation](https://tensorflow.orgdocs/) +- [tensorflow documentation](https://tensorflow.orgdocs/) ## Maintenance @@ -126,7 +131,7 @@ docker run --name tensorflow bitnami/tensorflow:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/thanos/README.md b/bitnami/thanos/README.md index 1322dfcd25c9..7c479b3e950e 100644 --- a/bitnami/thanos/README.md +++ b/bitnami/thanos/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name thanos bitnami/thanos:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Thanos in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -86,8 +91,8 @@ scrape_configs: Use the `docker run` command to launch the Prometheus containers using the arguments below: -* `--network ` argument to attach the container to the `thanos-network` network. -* `--volume [host-src:]container-dest[:]` argument to mount the configuration file for Prometheus and a data volume to avoid loss of data. As this is a non-root container, the mounted files and directories must have the proper permissions for the UID `1001`. +- `--network ` argument to attach the container to the `thanos-network` network. +- `--volume [host-src:]container-dest[:]` argument to mount the configuration file for Prometheus and a data volume to avoid loss of data. As this is a non-root container, the mounted files and directories must have the proper permissions for the UID `1001`. ```console docker run -d --name "prometheus" \ @@ -101,8 +106,8 @@ docker run -d --name "prometheus" \ Use the `docker run` command to launch the Thanos sidecar container using the argument below and overwriting the default command: -* `--network ` argument to attach the container to the `thanos-network` network. -* `--volume [host-src:]container-dest[:]` argument to mount the Prometheus data volume. +- `--network ` argument to attach the container to the `thanos-network` network. +- `--volume [host-src:]container-dest[:]` argument to mount the Prometheus data volume. ```console docker run -d --name "thanos-sidecar" \ @@ -115,8 +120,8 @@ docker run -d --name "thanos-sidecar" \ Use the `docker run` command to launch the Thanos Query container using the argument below and overwriting the default command: -* `--network ` argument to attach the container to the `thanos-network` network. -* `--expose [hostPort:containerPort]` argument to expose the port `9090`. +- `--network ` argument to attach the container to the `thanos-network` network. +- `--expose [hostPort:containerPort]` argument to expose the port `9090`. ```console docker run -d --name "thanos-query" \ @@ -162,12 +167,12 @@ docker-compose up -d Thanos can be configured via command-line flags and, depending on them, the same container image can be used to create components with differentes roles: -* Sidecar: connects to Prometheus, reads its data for query and/or uploads it to cloud storage. -* Store Gateway: serves metrics inside of a cloud storage bucket. -* Compactor: compacts, downsamples and applies retention on the data stored in cloud storage bucket. -* Receiver: receives data from Prometheus’ remote-write WAL, exposes it and/or upload it to cloud storage. -* Ruler/Rule: evaluates recording and alerting rules against data in Thanos for exposition and/or upload. -* Querier/Query: implements Prometheus' v1 API to aggregate data from the underlying components. +- Sidecar: connects to Prometheus, reads its data for query and/or uploads it to cloud storage. +- Store Gateway: serves metrics inside of a cloud storage bucket. +- Compactor: compacts, downsamples and applies retention on the data stored in cloud storage bucket. +- Receiver: receives data from Prometheus’ remote-write WAL, exposes it and/or upload it to cloud storage. +- Ruler/Rule: evaluates recording and alerting rules against data in Thanos for exposition and/or upload. +- Querier/Query: implements Prometheus' v1 API to aggregate data from the underlying components. For further documentation, please check [Thanos documentation](https://github.com/thanos-io/thanos/tree/master/docs). diff --git a/bitnami/tomcat/10.1/README.md b/bitnami/tomcat/10.1/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/tomcat/10.1/README.md +++ b/bitnami/tomcat/10.1/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/tomcat/11.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/tomcat/11.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/tomcat/11.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/tomcat/11.0/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/tomcat/9.0/README.md b/bitnami/tomcat/9.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/tomcat/9.0/README.md +++ b/bitnami/tomcat/9.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/tomcat/README.md b/bitnami/tomcat/README.md index 2fbe7b08d10e..bdd9c7b90456 100644 --- a/bitnami/tomcat/README.md +++ b/bitnami/tomcat/README.md @@ -15,14 +15,25 @@ docker run --name tomcat bitnami/tomcat:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache Tomcat in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -115,7 +120,7 @@ You can also deploy web applications on a running Apache Tomcat instance using t **Further Reading:** -* [Apache Tomcat Web Application Deployment](https://tomcat.apache.org/tomcat-7.0-doc/deployer-howto.html) +- [Apache Tomcat Web Application Deployment](https://tomcat.apache.org/tomcat-7.0-doc/deployer-howto.html) ## Accessing your Apache Tomcat server from the host @@ -315,20 +320,20 @@ docker-compose up tomcat ### Debian: 9.0.26-r0, 8.5.46-r0, 8.0.53-r382, 7.0.96-r50. Oracle: 9.0.24-ol-7-r35, 8.5.45-ol-7-r34, 8.0.53-ol-7-r426, 7.0.96-ol-7-r61 -* Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. +- Decrease the size of the container. The configuration logic is now based on Bash scripts in the `rootfs/` folder. ### 9.0.13-r27 , 8.5.35-r26, 8.0.53-r131 & 7.0.92-r20 -* The Apache Tomcat container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache Tomcat daemon was started as the `tomcat` user. From now on, both the container and the Apache Tomcat daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The Apache Tomcat container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the Apache Tomcat daemon was started as the `tomcat` user. From now on, both the container and the Apache Tomcat daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 8.0.35-r3 -* `TOMCAT_USER` parameter has been renamed to `TOMCAT_USERNAME`. +- `TOMCAT_USER` parameter has been renamed to `TOMCAT_USERNAME`. ### 8.0.35-r0 -* All volumes have been merged at `/bitnami/tomcat`. Now you only need to mount a single volume at `/bitnami/tomcat` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/tomcat`. Now you only need to mount a single volume at `/bitnami/tomcat` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/trivy/README.md b/bitnami/trivy/README.md index 8638196a5cac..966ddaf1eb8e 100644 --- a/bitnami/trivy/README.md +++ b/bitnami/trivy/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name trivy bitnami/trivy:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Trivy in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -80,11 +85,11 @@ Check the [official Trivy documentation](https://github.com/aquasecurity/trivy#u ### 0.60.0-debian-12-r2 -* This image revision dramatically reduces the image given it removes the existing OS distro. Instead, it simply includes the NATS binary on top of a scratch base image. +- This image revision dramatically reduces the image given it removes the existing OS distro. Instead, it simply includes the NATS binary on top of a scratch base image. ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/valkey-cluster/7.2/README.md b/bitnami/valkey-cluster/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey-cluster/7.2/README.md +++ b/bitnami/valkey-cluster/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey-cluster/8.0/README.md b/bitnami/valkey-cluster/8.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey-cluster/8.0/README.md +++ b/bitnami/valkey-cluster/8.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey-cluster/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/valkey-cluster/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/valkey-cluster/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/valkey-cluster/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/valkey-cluster/README.md b/bitnami/valkey-cluster/README.md index e4d1ce580a15..21e7e54f5bea 100644 --- a/bitnami/valkey-cluster/README.md +++ b/bitnami/valkey-cluster/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name valkey-cluster -e ALLOW_EMPTY_PASSWORD=yes bitnami/valkey-cluster:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Valkey Cluster in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Valkey Cluster in production? Try [VMware Tanzu Application Catal Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Valkey Cluster Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/valkey-cluster). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -372,7 +377,7 @@ We'd love for you to contribute to this container. You can request new features ### Starting October 20, 2024 -* All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. +- All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. ## Issues diff --git a/bitnami/valkey-sentinel/7.2/README.md b/bitnami/valkey-sentinel/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey-sentinel/7.2/README.md +++ b/bitnami/valkey-sentinel/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey-sentinel/8.0/README.md b/bitnami/valkey-sentinel/8.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey-sentinel/8.0/README.md +++ b/bitnami/valkey-sentinel/8.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey-sentinel/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/valkey-sentinel/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/valkey-sentinel/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/valkey-sentinel/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/valkey-sentinel/README.md b/bitnami/valkey-sentinel/README.md index e58a0c8eae5d..33a8c1cc805d 100644 --- a/bitnami/valkey-sentinel/README.md +++ b/bitnami/valkey-sentinel/README.md @@ -15,14 +15,25 @@ docker run --name valkey-sentinel -e VALKEY_PRIMARY_HOST=valkey bitnami/valkey-s **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Valkey Sentinel in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -30,12 +41,6 @@ Looking to use Valkey Sentinel in production? Try [VMware Tanzu Application Cata Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -272,7 +277,7 @@ We'd love for you to contribute to this container. You can request new features ### Starting October 20, 2024 -* All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. +- All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. ## Issues diff --git a/bitnami/valkey/7.2/README.md b/bitnami/valkey/7.2/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey/7.2/README.md +++ b/bitnami/valkey/7.2/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey/8.0/README.md b/bitnami/valkey/8.0/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/valkey/8.0/README.md +++ b/bitnami/valkey/8.0/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/valkey/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/valkey/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/valkey/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/valkey/8.1/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/valkey/README.md b/bitnami/valkey/README.md index a99fc8049142..9fd23453b607 100644 --- a/bitnami/valkey/README.md +++ b/bitnami/valkey/README.md @@ -15,14 +15,25 @@ docker run --name valkey -e ALLOW_EMPTY_PASSWORD=yes bitnami/valkey:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Valkey in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -34,12 +45,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -235,7 +240,7 @@ docker-compose up -d For security reasons, you may want to disable some commands. You can specify them by using the following environment variable on the first run: -* `VALKEY_DISABLE_COMMANDS`: Comma-separated list of Valkey commands to disable. Defaults to empty. +- `VALKEY_DISABLE_COMMANDS`: Comma-separated list of Valkey commands to disable. Defaults to empty. ```console docker run --name valkey -e VALKEY_DISABLE_COMMANDS=FLUSHDB,FLUSHALL,CONFIG bitnami/valkey:latest @@ -392,12 +397,12 @@ services: A replication cluster can easily be setup with the Bitnami Valkey Docker Image using the following environment variables: -* `VALKEY_REPLICATION_MODE`: The replication mode. Possible values `primary`/`replica`. No defaults. -* `VALKEY_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. -* `VALKEY_REPLICA_PORT`: The replication announce port. Defaults to `VALKEY_PRIMARY_PORT_NUMBER`. -* `VALKEY_PRIMARY_HOST`: Hostname/IP of replication primary (replica node parameter). No defaults. -* `VALKEY_PRIMARY_PORT_NUMBER`: Server port of the replication primaty (replica node parameter). Defaults to `6379`. -* `VALKEY_PRIMARY_PASSWORD`: Password to authenticate with the primary (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set the `VALKEY_PRIMARY_PASSWORD_FILE` variable. +- `VALKEY_REPLICATION_MODE`: The replication mode. Possible values `primary`/`replica`. No defaults. +- `VALKEY_REPLICA_IP`: The replication announce ip. Defaults to `$(get_machine_ip)` which return the ip of the container. +- `VALKEY_REPLICA_PORT`: The replication announce port. Defaults to `VALKEY_PRIMARY_PORT_NUMBER`. +- `VALKEY_PRIMARY_HOST`: Hostname/IP of replication primary (replica node parameter). No defaults. +- `VALKEY_PRIMARY_PORT_NUMBER`: Server port of the replication primaty (replica node parameter). Defaults to `6379`. +- `VALKEY_PRIMARY_PASSWORD`: Password to authenticate with the primary (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set the `VALKEY_PRIMARY_PASSWORD_FILE` variable. In a replication cluster you can have one primary and zero or more replicas. When replication is enabled the primary node is in read-write mode, while the replicas are in read-only mode. For best performance its advisable to limit the reads to the replicas. @@ -485,14 +490,14 @@ The above command scales up the number of replicas to `3`. You can scale down in Valkey adds the support for SSL/TLS connections. Should you desire to enable this optional feature, you may use the following environment variables to configure the application: -* `VALKEY_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. -* `VALKEY_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. -* `VALKEY_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. -* `VALKEY_TLS_KEY_FILE`: File containing the key for certificate. No defaults. -* `VALKEY_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `VALKEY_TLS_CA_DIR`). No defaults. -* `VALKEY_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. -* `VALKEY_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. -* `VALKEY_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. +- `VALKEY_TLS_ENABLED`: Whether to enable TLS for traffic or not. Defaults to `no`. +- `VALKEY_TLS_PORT_NUMBER`: Port used for TLS secure traffic. Defaults to `6379`. +- `VALKEY_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults. +- `VALKEY_TLS_KEY_FILE`: File containing the key for certificate. No defaults. +- `VALKEY_TLS_CA_FILE`: File containing the CA of the certificate (takes precedence over `VALKEY_TLS_CA_DIR`). No defaults. +- `VALKEY_TLS_CA_DIR`: Directory containing the CA certificates. No defaults. +- `VALKEY_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults. +- `VALKEY_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`. When enabling TLS, conventional standard traffic is disabled by default. However this new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To enable non-TLS traffic, set `VALKEY_TLS_PORT_NUMBER` to another port different than `0`. @@ -697,7 +702,7 @@ We'd love for you to contribute to this container. You can request new features ### Starting October 20, 2024 -* All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. +- All the references have been updated from `master/slave` to `primary/replica` to follow the upstream project strategy. Environment variables previously prefixed as `VALKEY_MASTER` or `VALKEY_SENTINEL_MASTER` use `VALKEY_PRIMARY` and `VALKEY_SENTINEL_PRIMARY` now. ## Issues diff --git a/bitnami/vault-csi-provider/README.md b/bitnami/vault-csi-provider/README.md index eee9cd7838e4..af6ee5b0e916 100644 --- a/bitnami/vault-csi-provider/README.md +++ b/bitnami/vault-csi-provider/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault-csi-provider bitnami/vault-csi-provider ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use HashiCorp Vault CSI Provider in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official HashiCorp Vault CSI Provider documentation](https://github.c ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/vault-k8s/README.md b/bitnami/vault-k8s/README.md index 3e4b5126bd8b..0847adc3cc1a 100644 --- a/bitnami/vault-k8s/README.md +++ b/bitnami/vault-k8s/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault-k8s bitnami/vault-k8s ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use HashiCorp Vault K8s Integration in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official HashiCorp Vault K8s Integration documentation](https://githu ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/vault/README.md b/bitnami/vault/README.md index 56c14d15e23e..867b80b92b8f 100644 --- a/bitnami/vault/README.md +++ b/bitnami/vault/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault bitnami/vault ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use HashiCorp Vault in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official HashiCorp Vault documentation](https://www.vaultproject.io/) ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/versitygw/README.md b/bitnami/versitygw/README.md index df15b1bfb39a..ba16cfffdef6 100644 --- a/bitnami/versitygw/README.md +++ b/bitnami/versitygw/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name versitygw bitnami/versitygw:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Versity S3 Gateway in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container, you can use `docker run`, for example to docker run --rm --name versitygw bitnami/versitygw:latest -- --help ``` -Check the [official Versity S3 Gateway documentation](https://www.versity.com/products/versitygw/ for more information. +Check the [official Versity S3 Gateway documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vmagent/README.md b/bitnami/victoriametrics-vmagent/README.md index 473d7a5e8705..760404ef09ff 100644 --- a/bitnami/victoriametrics-vmagent/README.md +++ b/bitnami/victoriametrics-vmagent/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmagent bitnami/victoriametrics-vmagent:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics Agent in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vmagent bitnami/victoriametrics-vmagent:latest -- --help ``` -Check the [official VictoriaMetrics Agent documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics Agent documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vmalert/README.md b/bitnami/victoriametrics-vmalert/README.md index cede77255dbe..a19e6aeec245 100644 --- a/bitnami/victoriametrics-vmalert/README.md +++ b/bitnami/victoriametrics-vmalert/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmalert bitnami/victoriametrics-vmalert:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics Alert in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vmalert bitnami/victoriametrics-vmalert:latest -- --help ``` -Check the [official VictoriaMetrics Alert documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics Alert documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vmauth/README.md b/bitnami/victoriametrics-vmauth/README.md index 5ad22aaf80a7..708a7ad0f58b 100644 --- a/bitnami/victoriametrics-vmauth/README.md +++ b/bitnami/victoriametrics-vmauth/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmauth bitnami/victoriametrics-vmauth:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics Auth in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vmauth bitnami/victoriametrics-vmauth:latest -- --help ``` -Check the [official VictoriaMetrics Auth documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics Auth documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vminsert/README.md b/bitnami/victoriametrics-vminsert/README.md index 6d5a1391ae53..de2f4874aacf 100644 --- a/bitnami/victoriametrics-vminsert/README.md +++ b/bitnami/victoriametrics-vminsert/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vminsert bitnami/victoriametrics-vminsert:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics Insert in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vminsert bitnami/victoriametrics-vminsert:latest -- --help ``` -Check the [official VictoriaMetrics Insert documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics Insert documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vmselect/README.md b/bitnami/victoriametrics-vmselect/README.md index 7cf5af399c3d..6d4086724b40 100644 --- a/bitnami/victoriametrics-vmselect/README.md +++ b/bitnami/victoriametrics-vmselect/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmselect bitnami/victoriametrics-vmselect:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vmselect bitnami/victoriametrics-vmselect:latest -- --help ``` -Check the [official VictoriaMetrics documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics documentation]( for more information. ## Contributing diff --git a/bitnami/victoriametrics-vmstorage/README.md b/bitnami/victoriametrics-vmstorage/README.md index 7b13129ee062..271aa53f1995 100644 --- a/bitnami/victoriametrics-vmstorage/README.md +++ b/bitnami/victoriametrics-vmstorage/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmstorage bitnami/victoriametrics-vmstorage:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VictoriaMetrics Storage in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -74,7 +79,7 @@ To run commands inside this container you can use `docker run`, for example to e docker run --rm --name victoriametrics-vmstorage bitnami/victoriametrics-vmstorage:latest -- --help ``` -Check the [official VictoriaMetrics Storage documentation](https://victoriametrics.com/ for more information. +Check the [official VictoriaMetrics Storage documentation]( for more information. ## Contributing diff --git a/bitnami/volsync/README.md b/bitnami/volsync/README.md index c3a03a9895ad..4dc66cace980 100644 --- a/bitnami/volsync/README.md +++ b/bitnami/volsync/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name volsync bitnami/volsync:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use VolSync in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). diff --git a/bitnami/whereabouts/README.md b/bitnami/whereabouts/README.md index 18b2c1b8a5a9..7c293a50f4ef 100644 --- a/bitnami/whereabouts/README.md +++ b/bitnami/whereabouts/README.md @@ -13,23 +13,28 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name whereabouts bitnami/whereabouts ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Whereabouts in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -102,7 +107,7 @@ Check the [official Whereabouts documentation](https://github.com/k8snetworkplum ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/wildfly/36/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/wildfly/36/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/wildfly/36/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/wildfly/36/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/wildfly/README.md b/bitnami/wildfly/README.md index 145a99285487..e6ee72740157 100644 --- a/bitnami/wildfly/README.md +++ b/bitnami/wildfly/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name wildfly bitnami/wildfly:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use WildFly in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -350,26 +355,26 @@ docker-compose up wildfly ### 22.0.1-debian-10-r68 and 23.0.1-debian-10-r8 release -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* The configuration is no longer persisted, instead it's adapted based on environment variables during the container initialization on every container restart. You can also mount custom configuration files and skip the configuration based on environment variables as it's detailed in [this section](#full-configuration). +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- The configuration is no longer persisted, instead it's adapted based on environment variables during the container initialization on every container restart. You can also mount custom configuration files and skip the configuration based on environment variables as it's detailed in [this section](#full-configuration). Consequences: -* Backwards compatibility should be possible, but it is highly recommended to backup your application data before upgrading. +- Backwards compatibility should be possible, but it is highly recommended to backup your application data before upgrading. ### 14.0.1-r75 -* The WildFly container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the WildFly daemon was started as the `wildfly` user. From now on, both the container and the WildFly daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- The WildFly container has been migrated to a non-root user approach. Previously the container ran as the `root` user and the WildFly daemon was started as the `wildfly` user. From now on, both the container and the WildFly daemon run as user `1001`. As a consequence, the data directory must be writable by that user. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. ### 10.0.0-r3 -* `WILDFLY_USER` parameter has been renamed to `WILDFLY_USERNAME`. +- `WILDFLY_USER` parameter has been renamed to `WILDFLY_USERNAME`. ### 10.0.0-r0 -* All volumes have been merged at `/bitnami/wildfly`. Now you only need to mount a single volume at `/bitnami/wildfly` for persistence. -* The logs are always sent to the `stdout` and are no longer collected in the volume. +- All volumes have been merged at `/bitnami/wildfly`. Now you only need to mount a single volume at `/bitnami/wildfly` for persistence. +- The logs are always sent to the `stdout` and are no longer collected in the volume. ## Using `docker-compose.yaml` diff --git a/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/wordpress-nginx/README.md b/bitnami/wordpress-nginx/README.md index ec1fa95948b5..bcc51536bb72 100644 --- a/bitnami/wordpress-nginx/README.md +++ b/bitnami/wordpress-nginx/README.md @@ -14,14 +14,25 @@ docker run --name wordpress-nginx bitnami/wordpress-nginx:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use WordPress with NGINX in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -29,12 +40,6 @@ Looking to use WordPress with NGINX in production? Try [VMware Tanzu Application Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -277,7 +282,7 @@ docker run -d --name wordpress \ When you start the WordPress image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: ```yaml wordpress: @@ -287,7 +292,7 @@ When you start the WordPress image, you can adjust the configuration of the inst ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name wordpress -p 80:8080 -p 443:8443 \ @@ -303,7 +308,7 @@ When you start the WordPress image, you can adjust the configuration of the inst This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: ```yaml wordpress: @@ -319,7 +324,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name wordpress -p 80:8080 -p 443:8443 \ @@ -338,7 +343,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami WordPress container supports connecting the WordPress application to an external database. This would be an example of using an external database for WordPress. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress-nginx/docker-compose.yml) file present in this repository: ```diff wordpress: @@ -354,7 +359,7 @@ The Bitnami WordPress container supports connecting the WordPress application to ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name wordpress\ @@ -377,13 +382,13 @@ The Bitnami WordPress container includes the command line interface **wp-cli** t This would be an example of using **wp-cli** to display the help menu: -* Using `docker-compose` command: +- Using `docker-compose` command: ```console docker-compose exec wordpress wp help ``` -* Using `docker` command: +- Using `docker` command: ```console docker exec wordpress wp help @@ -506,10 +511,10 @@ The Bitnami WordPress with NGINX Docker image is designed to be extended so it c Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by NGINX for HTTP and HTTPS, by setting the environment variables `NGINX_HTTP_PORT_NUMBER` and `NGINX_HTTPS_PORT_NUMBER` respectively. -* [Adding custom server blocks](https://github.com/bitnami/containers/blob/main/bitnami/nginx#adding-custom-server-blocks). -* [Replacing the 'nginx.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/nginx#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/nginx#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by NGINX for HTTP and HTTPS, by setting the environment variables `NGINX_HTTP_PORT_NUMBER` and `NGINX_HTTPS_PORT_NUMBER` respectively. +- [Adding custom server blocks](https://github.com/bitnami/containers/blob/main/bitnami/nginx#adding-custom-server-blocks). +- [Replacing the 'nginx.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/nginx#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/nginx#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -521,9 +526,9 @@ FROM bitnami/wordpress-nginx Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the NGINX configuration file -* Modify the ports used by NGINX +- Install the `vim` editor +- Modify the NGINX configuration file +- Modify the ports used by NGINX ```Dockerfile FROM bitnami/wordpress-nginx @@ -565,32 +570,32 @@ Based on the extended image, you can update the [`docker-compose.yml`](https://g ### 6.4.1-debian-11-r5 -* The XML-RCP endpoint has been disabled by default. Users can manually activate via the new `WORDPRESS_ENABLE_XML_RPC` environment variable. +- The XML-RCP endpoint has been disabled by default. Users can manually activate via the new `WORDPRESS_ENABLE_XML_RPC` environment variable. ### 5.7.1-debian-10-r22 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* Multisite support was added via `WORDPRESS_ENABLE_MULTISITE` and related environment variables. -* Plugins can be installed and activated on the first deployment via `WORDPRESS_PLUGINS`. -* Added support for limiting auto-updates to WordPress core via `WORDPRESS_AUTO_UPDATE_LEVEL`. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. -* This image now supports connecting to MySQL and MariaDB databases securely via SSL. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- Multisite support was added via `WORDPRESS_ENABLE_MULTISITE` and related environment variables. +- Plugins can be installed and activated on the first deployment via `WORDPRESS_PLUGINS`. +- Added support for limiting auto-updates to WordPress core via `WORDPRESS_AUTO_UPDATE_LEVEL`. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. +- This image now supports connecting to MySQL and MariaDB databases securely via SSL. ### 5.3.2-debian-10-r30 -* The WordPress with NGINX container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the NGINX daemon was started as the `daemon` user. From now on, both the container and the NGINX daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. -* Consequences: - * The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the WP site by exporting its content, and importing it on a new WordPress container. In the links below you'll find some alternatives: - * [Migrate WordPress using All-in-One WP Migration plugin](https://docs.bitnami.com/general/how-to/migrate-wordpress/) - * [Migrate WordPress using VaultPress](https://vaultpress.com/) - * No writing permissions will be granted on `wp-config.php` by default. +- The WordPress with NGINX container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the NGINX daemon was started as the `daemon` user. From now on, both the container and the NGINX daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- Consequences: + - The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the WP site by exporting its content, and importing it on a new WordPress container. In the links below you'll find some alternatives: + - [Migrate WordPress using All-in-One WP Migration plugin](https://docs.bitnami.com/general/how-to/migrate-wordpress/) + - [Migrate WordPress using VaultPress](https://vaultpress.com/) + - No writing permissions will be granted on `wp-config.php` by default. ### 5.2.1-debian-9-r8 and 5.2.1-ol-7-r8 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom NGINX certificates by placing them at `/opt/bitnami/nginx/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom NGINX certificates by placing them at `/opt/bitnami/nginx/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ## Contributing diff --git a/bitnami/wordpress/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/wordpress/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/wordpress/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/wordpress/6/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/wordpress/README.md b/bitnami/wordpress/README.md index 57318c3018e2..f2c743b7fd59 100644 --- a/bitnami/wordpress/README.md +++ b/bitnami/wordpress/README.md @@ -14,14 +14,25 @@ docker run --name wordpress bitnami/wordpress:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use WordPress in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -33,12 +44,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -281,7 +286,7 @@ docker run -d --name wordpress \ When you start the WordPress image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. Please note that some variables are only considered when the container is started for the first time. If you want to add a new environment variable: -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: ```yaml wordpress: @@ -291,7 +296,7 @@ When you start the WordPress image, you can adjust the configuration of the inst ... ``` -* For manual execution add a `--env` option with each variable and value: +- For manual execution add a `--env` option with each variable and value: ```console $ docker run -d --name wordpress -p 80:8080 -p 443:8443 \ @@ -307,7 +312,7 @@ When you start the WordPress image, you can adjust the configuration of the inst This would be an example of SMTP configuration using a Gmail account: -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: ```yaml wordpress: @@ -323,7 +328,7 @@ This would be an example of SMTP configuration using a Gmail account: ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name wordpress -p 80:8080 -p 443:8443 \ @@ -342,7 +347,7 @@ This would be an example of SMTP configuration using a Gmail account: The Bitnami WordPress container supports connecting the WordPress application to an external database. This would be an example of using an external database for WordPress. -* Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: +- Modify the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/wordpress/docker-compose.yml) file present in this repository: ```diff wordpress: @@ -358,7 +363,7 @@ The Bitnami WordPress container supports connecting the WordPress application to ... ``` -* For manual execution: +- For manual execution: ```console $ docker run -d --name wordpress\ @@ -381,13 +386,13 @@ The Bitnami WordPress container includes the command line interface **wp-cli** t This would be an example of using **wp-cli** to display the help menu: -* Using `docker-compose` command: +- Using `docker-compose` command: ```console docker-compose exec wordpress wp help ``` -* Using `docker` command: +- Using `docker` command: ```console docker exec wordpress wp help @@ -510,10 +515,10 @@ The Bitnami WordPress Docker image is designed to be extended so it can be used Before extending this image, please note there are certain configuration settings you can modify using the original image: -* Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. -* [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). -* [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). -* [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). +- Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables `APACHE_HTTP_PORT_NUMBER` and `APACHE_HTTPS_PORT_NUMBER` respectively. +- [Adding custom virtual hosts](https://github.com/bitnami/containers/blob/main/bitnami/apache#adding-custom-virtual-hosts). +- [Replacing the 'httpd.conf' file](https://github.com/bitnami/containers/blob/main/bitnami/apache#full-configuration). +- [Using custom SSL certificates](https://github.com/bitnami/containers/blob/main/bitnami/apache#using-custom-ssl-certificates). If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below: @@ -525,9 +530,9 @@ FROM bitnami/wordpress Here is an example of extending the image with the following modifications: -* Install the `vim` editor -* Modify the Apache configuration file -* Modify the ports used by Apache +- Install the `vim` editor +- Modify the Apache configuration file +- Modify the ports used by Apache ```Dockerfile FROM bitnami/wordpress @@ -569,45 +574,45 @@ Based on the extended image, you can update the [`docker-compose.yml`](https://g ### 6.4.1-debian-11-r5 -* The XML-RCP endpoint has been disabled by default. Users can manually activate via the new `WORDPRESS_ENABLE_XML_RPC` environment variable. +- The XML-RCP endpoint has been disabled by default. Users can manually activate via the new `WORDPRESS_ENABLE_XML_RPC` environment variable. ### 5.7.1-debian-10-r21 -* The size of the container image has been decreased. -* The configuration logic is now based on Bash scripts in the *rootfs/* folder. -* Multisite support was added via `WORDPRESS_ENABLE_MULTISITE` and related environment variables. -* Plugins can be installed and activated on the first deployment via `WORDPRESS_PLUGINS`. -* Added support for limiting auto-updates to WordPress core via `WORDPRESS_AUTO_UPDATE_LEVEL`. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. -* This image now supports connecting to MySQL and MariaDB databases securely via SSL. +- The size of the container image has been decreased. +- The configuration logic is now based on Bash scripts in the *rootfs/* folder. +- Multisite support was added via `WORDPRESS_ENABLE_MULTISITE` and related environment variables. +- Plugins can be installed and activated on the first deployment via `WORDPRESS_PLUGINS`. +- Added support for limiting auto-updates to WordPress core via `WORDPRESS_AUTO_UPDATE_LEVEL`. In addition, auto-updates have been disabled by default. To update WordPress core, we recommend to swap the container image version for your deployment instead of using the built-in update functionality. +- This image now supports connecting to MySQL and MariaDB databases securely via SSL. ### 5.3.2-debian-10-r30 -* The WordPress container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. -* Consequences: - * The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. - * Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the WP site by exporting its content, and importing it on a new WordPress container. In the links below you'll find some alternatives: - * [Migrate WordPress using All-in-One WP Migration plugin](https://docs.bitnami.com/general/how-to/migrate-wordpress/) - * [Migrate WordPress using VaultPress](https://vaultpress.com/) - * No writing permissions will be granted on `wp-config.php` by default. +- The WordPress container has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile. +- Consequences: + - The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. + - Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the WP site by exporting its content, and importing it on a new WordPress container. In the links below you'll find some alternatives: + - [Migrate WordPress using All-in-One WP Migration plugin](https://docs.bitnami.com/general/how-to/migrate-wordpress/) + - [Migrate WordPress using VaultPress](https://vaultpress.com/) + - No writing permissions will be granted on `wp-config.php` by default. ### 5.2.1-debian-9-r9 and 5.2.1-ol-7-r9 -* This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. -* The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. -* The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. -* Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. +- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information. +- The Apache configuration volume (`/bitnami/apache`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at `/opt/bitnami/apache/conf`, or mount specific configuration files individually. +- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually. +- Enabling custom Apache certificates by placing them at `/opt/bitnami/apache/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`. ### 5.1.1-r28, 5.1.1-rhel-7-r31 and 5.1.1-ol-7-r30 -* Users reported that they wanted to import their WordPress database from other installations. Now, in order to cover this use case, the variable `WORDPRESS_SKIP_INSTALL` can be set to avoid the container launch the WordPress installation wizard. +- Users reported that they wanted to import their WordPress database from other installations. Now, in order to cover this use case, the variable `WORDPRESS_SKIP_INSTALL` can be set to avoid the container launch the WordPress installation wizard. ### 5.0.3-r20 -* For performance and security reasons, Apache will set the `AllowOverride` directive to `None` by default. This means that, instead of using `.htaccess` files, all the default directives will be moved to the `/opt/bitnami/wordpress/wordpress-htaccess.conf` file. The only downside of this is the compatibility with certain plugins, which would require changes in that file (you would need to mount a modified version of `wordpress-htaccess.conf` compatible with these plugins). If you want to have the default `.htaccess` behavior, set the `WORDPRESS_HTACCESS_OVERRIDE_NONE` env var to `no`. +- For performance and security reasons, Apache will set the `AllowOverride` directive to `None` by default. This means that, instead of using `.htaccess` files, all the default directives will be moved to the `/opt/bitnami/wordpress/wordpress-htaccess.conf` file. The only downside of this is the compatibility with certain plugins, which would require changes in that file (you would need to mount a modified version of `wordpress-htaccess.conf` compatible with these plugins). If you want to have the default `.htaccess` behavior, set the `WORDPRESS_HTACCESS_OVERRIDE_NONE` env var to `no`. ### 5.0.0-r0 -* **wp-cli** tool is included in the Docker image. Find it at **/opt/bitnami/wp-cli/bin/wp**. +- **wp-cli** tool is included in the Docker image. Find it at **/opt/bitnami/wp-cli/bin/wp**. ## Contributing diff --git a/bitnami/zipkin/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/zipkin/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/zipkin/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/zipkin/3/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/zipkin/README.md b/bitnami/zipkin/README.md index 64e724a4d5e8..9c0bca2c95a5 100644 --- a/bitnami/zipkin/README.md +++ b/bitnami/zipkin/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name zipkin bitnami/zipkin ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Zipkin in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -28,12 +39,6 @@ Looking to use Zipkin in production? Try [VMware Tanzu Application Catalog](http Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -114,7 +119,7 @@ docker run --name zipkin bitnami/zipkin:latest ### Starting January 16, 2024 -* The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. +- The `docker-compose.yaml` file has been removed, as it was solely intended for internal testing purposes. ## Contributing diff --git a/bitnami/zookeeper/3.8/README.md b/bitnami/zookeeper/3.8/README.md index 2516967e98c4..04c96f8c1d98 100644 --- a/bitnami/zookeeper/3.8/README.md +++ b/bitnami/zookeeper/3.8/README.md @@ -1,5 +1,10 @@ -# Only the latest stable branch maintained in the free Bitnami catalog +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/zookeeper/3.9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/zookeeper/3.9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh index a8c9148c98b2..93cf59b06232 100644 --- a/bitnami/zookeeper/3.9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ b/bitnami/zookeeper/3.9/debian-12/prebuildfs/opt/bitnami/scripts/libbitnami.sh @@ -47,7 +47,7 @@ print_image_welcome_page() { info "" info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "⚠️ NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the “Bitnami Legacy” repository. More info at https://github.com/bitnami/containers/issues/83267" + info "${YELLOW}NOTICE: Starting August 28th, 2025, only a limited subset of images/charts will remain available for free. Backup will be available for some time at the 'Bitnami Legacy' repository. More info at https://github.com/bitnami/containers/issues/83267${RESET}" info "" } diff --git a/bitnami/zookeeper/README.md b/bitnami/zookeeper/README.md index f74f4858f551..6b0ea5a97e7e 100644 --- a/bitnami/zookeeper/README.md +++ b/bitnami/zookeeper/README.md @@ -13,14 +13,25 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name zookeeper bitnami/zookeeper:latest ``` +## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). + ## Why use Bitnami Images? -* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -* With Bitnami images the latest bug fixes and features are available as soon as possible. -* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -* Bitnami container images are released on a regular basis with the latest distribution packages available. +- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +- With Bitnami images the latest bug fixes and features are available as soon as possible. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. +- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. +- Bitnami container images are released on a regular basis with the latest distribution packages available. Looking to use Apache ZooKeeper in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. @@ -32,12 +43,6 @@ Deploying Bitnami applications as Helm Charts is the easiest way to get started Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). -## Only the latest stable branch maintained in the free Bitnami catalog - -Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub. - -Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information. - ## Supported tags and respective `Dockerfile` links Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html). @@ -241,13 +246,13 @@ docker-compose up -d When you start the Apache ZooKeeper image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable: -* For manual execution add a -e option with each variable and value: +- For manual execution add a -e option with each variable and value: ```console docker run --name zookeeper -e ZOO_SERVER_ID=1 bitnami/zookeeper:latest ``` -* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/zookeeper/docker-compose.yml) file present in this repository: +- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/containers/blob/main/bitnami/zookeeper/docker-compose.yml) file present in this repository: ```yaml services: @@ -349,11 +354,11 @@ services: An Apache ZooKeeper () cluster can easily be setup with the Bitnami Apache ZooKeeper Docker image using the following environment variables: -* `ZOO_SERVERS`: Comma, space or semi-colon separated list of servers. This can be done with or without specifying the ID of the server in the ensemble. No defaults. Examples: -* without Server ID - zoo1:2888:3888,zoo2:2888:3888 -* with Server ID - zoo1:2888:3888::1,zoo2:2888:3888::2 -* without Server ID and Observers - zoo1:2888:3888,zoo2:2888:3888:observer -* with Server ID and Observers - zoo1:2888:3888::1,zoo2:2888:3888:observer::2 +- `ZOO_SERVERS`: Comma, space or semi-colon separated list of servers. This can be done with or without specifying the ID of the server in the ensemble. No defaults. Examples: +- without Server ID - zoo1:2888:3888,zoo2:2888:3888 +- with Server ID - zoo1:2888:3888::1,zoo2:2888:3888::2 +- without Server ID and Observers - zoo1:2888:3888,zoo2:2888:3888:observer +- with Server ID and Observers - zoo1:2888:3888::1,zoo2:2888:3888:observer::2 For reliable Apache ZooKeeper service, you should deploy Apache ZooKeeper in a cluster known as an ensemble. As long as a majority of the ensemble are up, the service will be available. Because Apache ZooKeeper requires a majority, it is best to use an odd number of machines. For example, with four machines Apache ZooKeeper can only handle the failure of a single machine; if two machines fail, the remaining two machines do not constitute a majority. However, with five machines Apache ZooKeeper can handle the failure of two machines. @@ -589,20 +594,20 @@ docker-compose up zookeeper ### 3.5.5-r95 -* Apache ZooKeeper configuration moved to bash scripts in the rootfs/ folder. +- Apache ZooKeeper configuration moved to bash scripts in the rootfs/ folder. ### 3.4.12-r25 -* Configuration is not persisted, it is regenerated each time the container is created or it is used as volume. +- Configuration is not persisted, it is regenerated each time the container is created or it is used as volume. ### 3.4.10-r4 -* The zookeeper container has been migrated to a non-root container approach. Previously the container run as `root` user and the zookeeper daemon was started as `zookeeper` user. From now own, both the container and the zookeeper daemon run as user `1001`. +- The zookeeper container has been migrated to a non-root container approach. Previously the container run as `root` user and the zookeeper daemon was started as `zookeeper` user. From now own, both the container and the zookeeper daemon run as user `1001`. As a consequence, the configuration files are writable by the user running the zookeeper process. ### 3.4.10-r0 -* New release +- New release ## Using `docker-compose.yaml`