Bitnami/containers
2
0
Fork 0
mirror of https://github.com/bitnami/containers.git synced 2026-03-30 14:57:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/eclipse-temurin] Release 25.0.1-8-debian-12-r1 (#89667)

Browse Source 
Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Bitnami Bot
2026-01-13 12:57:09 +01:00
committed by GitHub
parent e4ebba22e2
commit 903dcb172f
4 changed files with 88 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
bitnami/eclipse-temurin/25/debian-12/Dockerfile
View File

@@ -4,11 +4,11 @@
FROM docker.io/bitnami/minideb:bookworm
ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith"
ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/eclipse-temurin/extra-security"
ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security"
ARG TARGETARCH
LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
org.opencontainers.image.created="2026-01-12T17:39:26Z" \
org.opencontainers.image.created="2026-01-13T11:38:45Z" \
org.opencontainers.image.description="Application packaged by Broadcom, Inc." \
org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/eclipse-temurin/README.md" \
org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/eclipse-temurin" \
@@ -28,7 +28,7 @@ RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \
DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \
mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \
COMPONENTS=( \
"eclipse-temurin-25.0.1-8-0-linux-${OS_ARCH}-debian-12" \
"eclipse-temurin-25.0.1-8-1-linux-${OS_ARCH}-debian-12" \
) ; \
for COMPONENT in "${COMPONENTS[@]}"; do \
if [ ! -f "${COMPONENT}.tar.gz" ]; then \
@@ -51,15 +51,15 @@ RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \
sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password
COPY rootfs /
RUN /opt/bitnami/scripts/eclipse-temurin/postunpack.sh
RUN /opt/bitnami/scripts/java/postunpack.sh
ENV APP_VERSION="25.0.1-8" \
BITNAMI_APP_NAME="eclipse-temurin" \
IMAGE_REVISION="0" \
JAVA_HOME="/opt/bitnami/eclipse-temurin" \
IMAGE_REVISION="1" \
JAVA_HOME="/opt/bitnami/java" \
LANG="en_US.UTF-8" \
LANGUAGE="en_US:en" \
PATH="/opt/bitnami/eclipse-temurin/bin:$PATH"
PATH="/opt/bitnami/java/bin:$PATH"
WORKDIR /app
ENTRYPOINT [ "/opt/bitnami/scripts/eclipse-temurin/entrypoint.sh" ]
ENTRYPOINT [ "/opt/bitnami/scripts/java/entrypoint.sh" ]
CMD [ "bash" ]

0
bitnami/eclipse-temurin/25/debian-12/rootfs/opt/bitnami/scripts/eclipse-temurin/entrypoint.sh → bitnami/eclipse-temurin/25/debian-12/rootfs/opt/bitnami/scripts/java/entrypoint.sh
View File

10
bitnami/eclipse-temurin/25/debian-12/rootfs/opt/bitnami/scripts/eclipse-temurin/postunpack.sh → bitnami/eclipse-temurin/25/debian-12/rootfs/opt/bitnami/scripts/java/postunpack.sh
View File

@@ -14,13 +14,13 @@ set -o pipefail
. /opt/bitnami/scripts/liblog.sh
#
# Eclipse Temurin post-unpack operations
# Java post-unpack operations
#
# Override default files in the Eclipse Temurin security directory. This is used for
# Override default files in the Java security directory. This is used for
# custom base images (with custom CA certificates or block lists is used)
if [[ -n "${ECLIPSE_TEMURIN_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$ECLIPSE_TEMURIN_EXTRA_SECURITY_DIR"; then
info "Adding custom CAs to the Eclipse Temurin security folder"
cp -Lr "${ECLIPSE_TEMURIN_SECURITY_DIR}/." /opt/bitnami/eclipse-temurin/lib/security
if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then
info "Adding custom CAs to the Java security folder"
cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security
fi

90
bitnami/eclipse-temurin/README.md
View File

@@ -13,22 +13,54 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
docker run --name eclipse-temurin bitnami/eclipse-temurin:latest
```
## Why use Bitnami Images?
## Why use Bitnami Secure Images?
* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems.
* With Bitnami images the latest bug fixes and features are available as soon as possible.
* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
* All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-.
* All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images.
* Bitnami container images are released on a regular basis with the latest distribution packages available.
Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images?
Looking to use Eclipse Temurin in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog.
- Hardened secure images of popular open source software with Near-Zero Vulnerabilities
- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores
- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM)
- Software supply chain provenance attestation through in-toto
- First class support for the internets favorite Helm charts
## Only the latest stable branch maintained in the free Bitnami catalog
Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/).
Starting December 10th, 2024, only the latest stable branch of each container image will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches (e.g., LTS), consider upgrading to Bitnami Premium. Previously released versions will not be deleted and will remain available for pulling from DockerHub.
![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details")
![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report")
Please check the Bitnami Premium page in our partner [Arrow Electronics](https://www.arrow.com/globalecs/na/vendors/bitnami?utm_source=GitHub&utm_medium=containers) for more information.
If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy).
## Choosing between the _Standard_ and _Minimal_ image
This asset is available in two flavors: _Standard_ and _Minimal_; designed to address different use cases and operational needs.
### Standard images
The standard images are full-featured, production-ready containers built on top of secure base operating systems. They include:
- The complete runtime and commonly used system tools.
- A familiar Linux environment (shell, package manager, debugging utilities).
- Full compatibility with most CI/CD pipelines and existing workloads.
Recommended for:
- Development and testing environments.
- Workloads requiring package installation or debugging tools.
- Applications that depend on system utilities or shared libraries.
### Minimal images
The minimal images are optimized, distroless-style containers derived from a stripped-down base. They only ship whats strictly necessary to run the application; no shell, package manager, or extra libraries. They provide:
- Smaller size: Faster pull and startup times.
- Reduced attack surface: Fewer components and potential vulnerabilities.
- Simpler maintenance: Fewer dependencies to patch or update.
Recommended for:
- Production environments prioritizing performance and security.
- Regulated or security-sensitive workloads
- Containers built via multi-stage builds (e.g., Golang static binaries).
## Supported tags and respective `Dockerfile` links
@@ -60,10 +92,6 @@ cd bitnami/APP/VERSION/OPERATING-SYSTEM
docker build -t bitnami/APP:latest .
```
## Why use a non-root container?
Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html).
## Configuration
### Running commands
@@ -76,6 +104,38 @@ docker run --rm --name eclipse-temurin bitnami/eclipse-temurin:latest -- --help
Check the [official Eclipse Temurin documentation](https://adoptium.net/temurin for more information.
### Running your Eclipse Temurin jar or war
The default work directory for the Eclipse Temurin image is `/app`. You can mount a folder from your host here that includes your Eclipse Temurin jar or war, and run it normally using the `java` command.
```console
docker run -it --name eclipse-temurin -v /path/to/app:/app bitnami/eclipse-temurin:latest \
java -jar package.jar
```
## Replace the default truststore using a custom base image
In case you are replacing the default [minideb](https://github.com/bitnami/minideb) base image with a custom base image (based on Debian), it is possible to replace the default truststore located in the `/opt/bitnami/java/lib/security` folder. This is done by setting the `JAVA_EXTRA_SECURITY_DIR` docker build ARG variable, which needs to point to a location that contains a *cacerts* file that would substitute the originally bundled truststore. In the following example we will use a minideb fork that contains a custom *cacerts* file in the */bitnami/java/extra-security* folder:
- In the Dockerfile, replace `FROM docker.io/bitnami/minideb:latest` to use a custom image, defined with the `MYJAVAFORK:TAG` placeholder:
```diff
- FROM bitnami/minideb:latest
+ FROM MYFORK:TAG
```
- Run `docker build` setting the value of `JAVA_EXTRA_SECURITY_DIR`. Remember to replace the `MYJAVAFORK:TAG` placeholder.
```console
docker build --build-arg JAVA_EXTRA_SECURITY_DIR=/bitnami/java/extra-security -t MYJAVAFORK:TAG .
```
### FIPS configuration in Bitnami Secure Images
The Bitnami Eclipse Temurin Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:
- `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`.
## Contributing
We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/containers/issues) or submitting a [pull request](https://github.com/bitnami/containers/pulls) with your contribution.