diff --git a/bitnami/acmesolver/1.18/README.md b/bitnami/acmesolver/1.18/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/acmesolver/1.18/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/acmesolver/1.18/debian-12/Dockerfile b/bitnami/acmesolver/1.18/debian-12/Dockerfile deleted file mode 100644 index c0ed26e2e3ba..000000000000 --- a/bitnami/acmesolver/1.18/debian-12/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-07T20:10:46Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/acmesolver/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/acmesolver" \ - org.opencontainers.image.title="acmesolver" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="1.18.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "acmesolver-1.18.2-7-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN uninstall_packages curl - -ENV APP_VERSION="1.18.2" \ - BITNAMI_APP_NAME="acmesolver" \ - IMAGE_REVISION="9" \ - PATH="/opt/bitnami/acmesolver/bin:$PATH" - -WORKDIR /opt/bitnami/acmesolver -USER 1001 -ENTRYPOINT [ "/opt/bitnami/acmesolver/bin/acmesolver" ] diff --git a/bitnami/acmesolver/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/acmesolver/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/acmesolver/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/acmesolver/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cainjector/1.18/README.md b/bitnami/cainjector/1.18/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/cainjector/1.18/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cainjector/1.18/debian-12/Dockerfile b/bitnami/cainjector/1.18/debian-12/Dockerfile deleted file mode 100644 index 9dd882a66d87..000000000000 --- a/bitnami/cainjector/1.18/debian-12/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-07T20:35:48Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/cainjector/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/cainjector" \ - org.opencontainers.image.title="cainjector" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="1.18.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "cainjector-1.18.2-5-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN uninstall_packages curl - -ENV APP_VERSION="1.18.2" \ - BITNAMI_APP_NAME="cainjector" \ - IMAGE_REVISION="9" \ - PATH="/opt/bitnami/cainjector/bin:$PATH" - -WORKDIR /opt/bitnami/cainjector -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cainjector/bin/cainjector" ] diff --git a/bitnami/cainjector/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cainjector/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cainjector/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/cainjector/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager-webhook/1.18/README.md b/bitnami/cert-manager-webhook/1.18/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/cert-manager-webhook/1.18/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cert-manager-webhook/1.18/debian-12/Dockerfile b/bitnami/cert-manager-webhook/1.18/debian-12/Dockerfile deleted file mode 100644 index d1acf98de9ff..000000000000 --- a/bitnami/cert-manager-webhook/1.18/debian-12/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-07T20:38:48Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/cert-manager-webhook/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/cert-manager-webhook" \ - org.opencontainers.image.title="cert-manager-webhook" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="1.18.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "cert-manager-webhook-1.18.2-5-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN uninstall_packages curl - -ENV APP_VERSION="1.18.2" \ - BITNAMI_APP_NAME="cert-manager-webhook" \ - IMAGE_REVISION="9" \ - PATH="/opt/bitnami/cert-manager-webhook/bin:$PATH" - -WORKDIR /opt/bitnami/cert-manager-webhook -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cert-manager-webhook/bin/cert-manager-webhook" ] diff --git a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/cert-manager-webhook/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager/1.18/README.md b/bitnami/cert-manager/1.18/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/cert-manager/1.18/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/cert-manager/1.18/debian-12/Dockerfile b/bitnami/cert-manager/1.18/debian-12/Dockerfile deleted file mode 100644 index 7673c502ad36..000000000000 --- a/bitnami/cert-manager/1.18/debian-12/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-10-07T20:43:53Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/cert-manager/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/cert-manager" \ - org.opencontainers.image.title="cert-manager" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="1.18.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "cert-manager-1.18.2-4-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN uninstall_packages curl - -ENV APP_VERSION="1.18.2" \ - BITNAMI_APP_NAME="cert-manager" \ - IMAGE_REVISION="9" \ - PATH="/opt/bitnami/cert-manager/bin:$PATH" - -WORKDIR /opt/bitnami/cert-manager -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cert-manager/bin/cert-manager" ] diff --git a/bitnami/cert-manager/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cert-manager/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cert-manager/1.18/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/cert-manager/1.18/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives