Skip to content

jaikanth-arcadia/corretto-docker

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Corretto Docker Build Status

Master repository where Dockerfiles for Amazon Corretto are hosted. These docker files are used to build images for Amazon Corretto Offical Images and ECR images.

Usage

The docker images are available on Amazon Corretto Official Images

To use Amazon Corretto Official Images from Docker hub run

docker pull amazoncorretto:17

The docker images are also available on Amazon ECR.

To get Corretto docker images from Amazon ECR please see Amazon Corretto's ECR Public Gallery as well as the Docker Official Images ECR Public Gallery

To use docker images from Corretto ECR Public Gallery run the following commands:

docker pull public.ecr.aws/amazoncorretto/amazoncorretto:17
docker run -it public.ecr.aws/amazoncorretto/amazoncorretto:17 /bin/bash

You can see the list of available images by going to: https://gallery.ecr.aws/amazoncorretto/amazoncorretto

Supported Tags

See https://hub.docker.com/_/amazoncorretto

Building

To build the docker images, you can use the following command.

docker build -t amazon-corretto-{major_version} -f ./{major_version}/{jdk|jre|slim}/{al2|alpine|debian}/Dockerfile .

Security

If you would like to report a potential security issue in this project, please do not create a GitHub issue. Instead, please follow the instructions here or email AWS security directly.

Why does security scanner show that a docker image has a CVE?

If a security scanner reports that an amazoncorretto image includes a CVE, the first recommended action is to pull an updated version of this image.

If no updated image is available, run the appropriate command to update packages for the platform, ie. run "apk -U upgrade" for Alpine or "yum update -y --security" for AmazonLinux in your Dockerfiles or systems to resolve the issue immediately.

If no updated package is available, please treat this as a potential security issue and follow these instructions or email AWS security directly at aws-security@amazon.com.

It is the responsibility of the base docker image supplier to provide timely security updates to images and packages. The amazoncorretto images are automatically rebuilt when a new base image is made available, but we do not make changes to our Dockerfiles to pull in one-off package updates. If a new base image has not yet been made generally available by a base docker image maintainer, please contact that maintainer to request that the issue be addressed.

Note that there are multiple reasons why a CVE may appear to be present in a docker image, as explained in the docker library FAQs.

About

Dockerfiles for Amazon Corretto Official images.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Dockerfile 81.8%
  • Shell 10.7%
  • Python 7.5%