[bitnami/haproxy] Update supported branches (#87661)
Signed-off-by: David Gomez <david.gomez@broadcom.com>
This commit is contained in:
David Gomez
GitHub
parent
c0b2d42c20
commit
a43339f62e
|
|
@ -0,0 +1,10 @@
|
|||
# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog
|
||||
|
||||
Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition:
|
||||
|
||||
- Granting community users access for the first time to security-optimized versions of popular container images.
|
||||
- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes
|
||||
- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.
|
||||
- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support.
|
||||
|
||||
These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267).
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog
|
||||
|
||||
Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition:
|
||||
|
||||
- Granting community users access for the first time to security-optimized versions of popular container images.
|
||||
- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes
|
||||
- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.
|
||||
- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support.
|
||||
|
||||
These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267).
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog
|
||||
|
||||
Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition:
|
||||
|
||||
- Granting community users access for the first time to security-optimized versions of popular container images.
|
||||
- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes
|
||||
- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.
|
||||
- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support.
|
||||
|
||||
These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267).
|
||||
|
|
@ -1,55 +0,0 @@
|
|||
# Copyright Broadcom, Inc. All Rights Reserved.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
|
||||
FROM docker.io/bitnami/minideb:bookworm
|
||||
|
||||
ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith"
|
||||
ARG TARGETARCH
|
||||
|
||||
LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
|
||||
org.opencontainers.image.created="2025-10-14T02:37:57Z" \
|
||||
org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
|
||||
org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/haproxy/README.md" \
|
||||
org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/haproxy" \
|
||||
org.opencontainers.image.title="haproxy" \
|
||||
org.opencontainers.image.vendor="Broadcom, Inc." \
|
||||
org.opencontainers.image.version="3.2.6"
|
||||
|
||||
ENV HOME="/" \
|
||||
OS_ARCH="${TARGETARCH:-amd64}" \
|
||||
OS_FLAVOUR="debian-12" \
|
||||
OS_NAME="linux"
|
||||
|
||||
COPY prebuildfs /
|
||||
SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
|
||||
# Install required system packages and dependencies
|
||||
RUN install_packages ca-certificates curl libcrypt1 liblua5.4-0 libssl3 lua5.4 procps
|
||||
RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \
|
||||
DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \
|
||||
mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \
|
||||
COMPONENTS=( \
|
||||
"haproxy-3.2.6-3-linux-${OS_ARCH}-debian-12" \
|
||||
) ; \
|
||||
for COMPONENT in "${COMPONENTS[@]}"; do \
|
||||
if [ ! -f "${COMPONENT}.tar.gz" ]; then \
|
||||
curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \
|
||||
curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \
|
||||
fi ; \
|
||||
sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \
|
||||
tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \
|
||||
rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \
|
||||
done
|
||||
RUN apt-get update && apt-get upgrade -y && \
|
||||
apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
||||
RUN chmod g+rwX /opt/bitnami
|
||||
RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true
|
||||
RUN uninstall_packages curl
|
||||
|
||||
ENV APP_VERSION="3.2.6" \
|
||||
BITNAMI_APP_NAME="haproxy" \
|
||||
IMAGE_REVISION="3" \
|
||||
PATH="/opt/bitnami/haproxy/sbin:/opt/bitnami/haproxy-dataplaneapi/bin:/opt/bitnami/lua/bin:$PATH"
|
||||
|
||||
USER 1001
|
||||
ENTRYPOINT [ "/opt/bitnami/haproxy/sbin/haproxy" ]
|
||||
CMD [ "-f", "/bitnami/haproxy/conf/haproxy.cfg" ]
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
# Copyright Broadcom, Inc. All Rights Reserved.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
|
||||
services:
|
||||
haproxy:
|
||||
image: docker.io/bitnami/haproxy:3
|
||||
|
|
@ -1,31 +0,0 @@
|
|||
global
|
||||
log 127.0.0.1 local2
|
||||
maxconn 4096
|
||||
|
||||
defaults
|
||||
mode http
|
||||
log global
|
||||
option httplog
|
||||
option dontlognull
|
||||
option http-server-close
|
||||
option forwardfor except 127.0.0.0/8
|
||||
option redispatch
|
||||
retries 3
|
||||
timeout http-request 20s
|
||||
timeout queue 1m
|
||||
timeout connect 10s
|
||||
timeout client 1m
|
||||
timeout server 1m
|
||||
timeout http-keep-alive 30s
|
||||
timeout check 10s
|
||||
maxconn 3000
|
||||
|
||||
frontend fe_http
|
||||
option forwardfor except 127.0.0.1
|
||||
option httpclose
|
||||
bind *:8080
|
||||
default_backend be_http
|
||||
|
||||
backend be_http
|
||||
balance roundrobin
|
||||
server nginx service:8080 check port 8080
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
Bitnami containers ship with software bundles. You can find the licenses under:
|
||||
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Copyright Broadcom, Inc. All Rights Reserved.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
set -eu
|
||||
|
||||
n=0
|
||||
max=2
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
until [ $n -gt $max ]; do
|
||||
set +e
|
||||
(
|
||||
apt-get update -qq &&
|
||||
apt-get install -y --no-install-recommends "$@"
|
||||
)
|
||||
CODE=$?
|
||||
set -e
|
||||
if [ $CODE -eq 0 ]; then
|
||||
break
|
||||
fi
|
||||
if [ $n -eq $max ]; then
|
||||
exit $CODE
|
||||
fi
|
||||
echo "apt failed, retrying"
|
||||
n=$(($n + 1))
|
||||
done
|
||||
apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
||||
|
|
@ -1,24 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Copyright Broadcom, Inc. All Rights Reserved.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
set -u
|
||||
|
||||
if [ $# -eq 0 ]; then
|
||||
>&2 echo "No arguments provided"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
script=$1
|
||||
exit_code="${2:-96}"
|
||||
fail_if_not_present="${3:-n}"
|
||||
|
||||
if test -f "$script"; then
|
||||
sh $script
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
exit $((exit_code))
|
||||
fi
|
||||
elif [ "$fail_if_not_present" = "y" ]; then
|
||||
>&2 echo "script not found: $script"
|
||||
exit 127
|
||||
fi
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Copyright Broadcom, Inc. All Rights Reserved.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
set -eu
|
||||
|
||||
n=0
|
||||
max=2
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
until [ $n -gt $max ]; do
|
||||
set +e
|
||||
(
|
||||
apt-get autoremove --purge -y "$@"
|
||||
)
|
||||
CODE=$?
|
||||
set -e
|
||||
if [ $CODE -eq 0 ]; then
|
||||
break
|
||||
fi
|
||||
if [ $n -eq $max ]; then
|
||||
exit $CODE
|
||||
fi
|
||||
echo "apt failed, retrying"
|
||||
n=$(($n + 1))
|
||||
done
|
||||
apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
||||
Loading…
Reference in New Issue