From a43339f62e2880c27e1a066e7981fe39e2806eeb Mon Sep 17 00:00:00 2001 From: David Gomez Date: Thu, 16 Oct 2025 09:02:55 +0200 Subject: [PATCH] [bitnami/haproxy] Update supported branches (#87661) Signed-off-by: David Gomez --- bitnami/haproxy/{2 => 2.4}/README.md | 0 bitnami/haproxy/2.6/README.md | 10 ++++ bitnami/haproxy/2.8/README.md | 10 ++++ bitnami/haproxy/3.0/README.md | 10 ++++ bitnami/haproxy/3/debian-12/Dockerfile | 55 ------------------- .../haproxy/3/debian-12/docker-compose.yml | 6 -- .../haproxy/3/debian-12/examples/frontend.cfg | 31 ----------- .../opt/bitnami/licenses/licenses.txt | 2 - .../prebuildfs/usr/sbin/install_packages | 27 --------- .../debian-12/prebuildfs/usr/sbin/run-script | 24 -------- .../prebuildfs/usr/sbin/uninstall_packages | 26 --------- 11 files changed, 30 insertions(+), 171 deletions(-) rename bitnami/haproxy/{2 => 2.4}/README.md (100%) create mode 100644 bitnami/haproxy/2.6/README.md create mode 100644 bitnami/haproxy/2.8/README.md create mode 100644 bitnami/haproxy/3.0/README.md delete mode 100644 bitnami/haproxy/3/debian-12/Dockerfile delete mode 100644 bitnami/haproxy/3/debian-12/docker-compose.yml delete mode 100644 bitnami/haproxy/3/debian-12/examples/frontend.cfg delete mode 100644 bitnami/haproxy/3/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt delete mode 100755 bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/install_packages delete mode 100755 bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/run-script delete mode 100755 bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/uninstall_packages diff --git a/bitnami/haproxy/2/README.md b/bitnami/haproxy/2.4/README.md similarity index 100% rename from bitnami/haproxy/2/README.md rename to bitnami/haproxy/2.4/README.md diff --git a/bitnami/haproxy/2.6/README.md b/bitnami/haproxy/2.6/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/haproxy/2.6/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/haproxy/2.8/README.md b/bitnami/haproxy/2.8/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/haproxy/2.8/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/haproxy/3.0/README.md b/bitnami/haproxy/3.0/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/haproxy/3.0/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/haproxy/3/debian-12/Dockerfile b/bitnami/haproxy/3/debian-12/Dockerfile deleted file mode 100644 index d88862136f95..000000000000 --- a/bitnami/haproxy/3/debian-12/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-14T02:37:57Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/haproxy/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/haproxy" \ - org.opencontainers.image.title="haproxy" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="3.2.6" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 liblua5.4-0 libssl3 lua5.4 procps -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "haproxy-3.2.6-3-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN uninstall_packages curl - -ENV APP_VERSION="3.2.6" \ - BITNAMI_APP_NAME="haproxy" \ - IMAGE_REVISION="3" \ - PATH="/opt/bitnami/haproxy/sbin:/opt/bitnami/haproxy-dataplaneapi/bin:/opt/bitnami/lua/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/haproxy/sbin/haproxy" ] -CMD [ "-f", "/bitnami/haproxy/conf/haproxy.cfg" ] diff --git a/bitnami/haproxy/3/debian-12/docker-compose.yml b/bitnami/haproxy/3/debian-12/docker-compose.yml deleted file mode 100644 index 67335435db7f..000000000000 --- a/bitnami/haproxy/3/debian-12/docker-compose.yml +++ /dev/null @@ -1,6 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -services: - haproxy: - image: docker.io/bitnami/haproxy:3 diff --git a/bitnami/haproxy/3/debian-12/examples/frontend.cfg b/bitnami/haproxy/3/debian-12/examples/frontend.cfg deleted file mode 100644 index c1152538016a..000000000000 --- a/bitnami/haproxy/3/debian-12/examples/frontend.cfg +++ /dev/null @@ -1,31 +0,0 @@ -global - log 127.0.0.1 local2 - maxconn 4096 - -defaults - mode http - log global - option httplog - option dontlognull - option http-server-close - option forwardfor except 127.0.0.0/8 - option redispatch - retries 3 - timeout http-request 20s - timeout queue 1m - timeout connect 10s - timeout client 1m - timeout server 1m - timeout http-keep-alive 30s - timeout check 10s - maxconn 3000 - -frontend fe_http - option forwardfor except 127.0.0.1 - option httpclose - bind *:8080 - default_backend be_http - -backend be_http - balance roundrobin - server nginx service:8080 check port 8080 diff --git a/bitnami/haproxy/3/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/haproxy/3/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/haproxy/3/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/haproxy/3/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives