diff --git a/bitnami/fluent-bit/4.0/README.md b/bitnami/fluent-bit/4.0/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/fluent-bit/4.0/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/fluent-bit/4/debian-12/Dockerfile b/bitnami/fluent-bit/4/debian-12/Dockerfile deleted file mode 100644 index a44885f99db6..000000000000 --- a/bitnami/fluent-bit/4/debian-12/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-08T21:59:48Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/fluent-bit/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/fluent-bit" \ - org.opencontainers.image.title="fluent-bit" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="4.1.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcap2 libgcc-s1 libgcrypt20 libgpg-error0 liblz4-1 liblzma5 libsasl2-2 libssl3 libstdc++6 libsystemd0 libyaml-0-2 libzstd1 procps zlib1g -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "fluent-bit-4.1.1-0-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN chown -R 1001:1001 /opt/bitnami/fluent-bit -RUN uninstall_packages curl - -ENV APP_VERSION="4.1.1" \ - BITNAMI_APP_NAME="fluent-bit" \ - IMAGE_REVISION="0" \ - PATH="/opt/bitnami/fluent-bit/bin:$PATH" - -EXPOSE 2020 - -WORKDIR /opt/bitnami/fluent-bit -USER 1001 -ENTRYPOINT [ "fluent-bit" ] -CMD [ "-c", "/opt/bitnami/fluent-bit/conf/fluent-bit.conf" ] diff --git a/bitnami/fluent-bit/4/debian-12/docker-compose.yml b/bitnami/fluent-bit/4/debian-12/docker-compose.yml deleted file mode 100644 index 76eed6f5c2b1..000000000000 --- a/bitnami/fluent-bit/4/debian-12/docker-compose.yml +++ /dev/null @@ -1,8 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -services: - fluent-bit: - image: docker.io/bitnami/fluent-bit:4 - ports: - - '2020:2020' diff --git a/bitnami/fluent-bit/4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluent-bit/4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluent-bit/4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/fluent-bit/4/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives