"Bitnami Skills, Vcnngr Style"
Production-ready container images based on Bitnami's excellent work, enhanced with Vcnngr quality standards and automation.
This repository provides secure, production-ready container images built on top of Bitnami's foundation. We maintain the high quality and security standards of Bitnami containers while adding:
- Enhanced CI/CD: Jenkins pipelines with quality gates
- Code Quality: Shellcheck and SonarQube analysis
- Security: Automated Trivy scanning with retry logic
- Minimal Base: vcnngr/minideb for reduced attack surface
- Non-root: All containers run as unprivileged user (UID 1001)
- Kubernetes-native: Built and tested on Kubernetes
Image | Version | Base | Status |
---|---|---|---|
minideb | bookworm, trixie | Debian minimal | β Production |
apache | 2.4 | vcnngr/minideb:bookworm | β Production |
nginx | 1.29 | vcnngr/minideb:bookworm | π§ Coming Soon |
redis | 7.x | vcnngr/minideb:bookworm | π§ Coming Soon |
postgresql | 16.x | vcnngr/minideb:bookworm | π§ Coming Soon |
# Pull an image
docker pull vcnngr/apache:latest
# Run Apache HTTP Server
docker run -d -p 8080:8080 --name my-apache vcnngr/apache:latest
# Test
curl http://localhost:8080
# View logs
docker logs my-apache
# Stop and remove
docker stop my-apache && docker rm my-apache
containers/
βββ minideb/ # Minimal Debian base image
β βββ mkimage # Base image creation script
β βββ import # Import and tag script
β βββ Jenkinsfile # CI/CD pipeline
β
βββ apache/ # Apache HTTP Server
β βββ 2.4/
β β βββ debian-12/
β β βββ Dockerfile
β β βββ prebuildfs/ # Pre-build scripts
β β βββ rootfs/ # Runtime scripts
β βββ Jenkinsfile # CI/CD pipeline
β βββ README.md
β
βββ [other containers...]
Every container image is built through a comprehensive pipeline:
- Shellcheck: Linting for all shell scripts
- SonarQube: Code quality analysis and technical debt tracking
- Quality Gates: Automated checks before deployment
- Trivy: Vulnerability scanning (HIGH/CRITICAL)
- Non-root execution: UID 1001 (unprivileged)
- Minimal base: Reduced attack surface with minideb
- Security updates: Automated scanning for new CVEs
- Functional tests: Container startup and basic operations
- Metadata validation: OCI labels and configuration
- Port verification: Exposed ports check
- User verification: Non-root user enforcement
- Multi-arch support: amd64, arm64 (where applicable)
- Automated tagging: Version, major, latest tags
- Build reports: JSON metadata for each build
- Artifact archival: Security reports and build logs
All images are built on Kubernetes using Jenkins with:
// Quality checks
stage('Code Quality') {
parallel {
stage('Shellcheck')
stage('SonarQube')
}
}
// Security scanning
stage('Security Scan') {
// Trivy with retry logic
}
// Build and test
stage('Build Image')
stage('Test Image')
stage('Push to Registry')
dockerhub-vcnngr
: DockerHub username and tokensonarqube-token
: SonarQube authentication token
- Python 3.9+
- Docker or Buildah
- Jenkins on Kubernetes (for CI/CD)
- Access to vcnngr DockerHub organization
# Clone the repository
git clone https://github.com/vcnngr/containers.git
cd containers/apache/2.4/debian-12
# Build locally with Docker
docker build -t vcnngr/apache:test .
# Or with Buildah
buildah bud -t vcnngr/apache:test .
# Test
docker run -d -p 8080:8080 vcnngr/apache:test
curl http://localhost:8080
- Analyze Bitnami source
python filtered_analyzer.py bitnami-containers --containers nginx --output nginx_analysis.json
- Rebrand to Vcnngr
python rebranding_script.py nginx bitnami-containers vcnngr-containers --execute
- Generate Jenkinsfile
python jenkins_generator.py nginx_analysis.json
cp generated_jenkinsfiles/Jenkinsfile.nginx nginx/Jenkinsfile
- Commit and push
git add nginx/
git commit -m "Add nginx container"
git push origin main
- Configure Jenkins job and trigger first build
While we maintain compatibility with Bitnami containers, we add:
Feature | Bitnami | Vcnngr |
---|---|---|
Base Image | bitnami/minideb | vcnngr/minideb |
CI/CD | GitHub Actions | Jenkins on K8s |
Code Quality | - | Shellcheck + SonarQube |
Security Scan | Basic | Trivy with retry logic |
Quality Gates | - | Automated enforcement |
Build Reports | - | JSON metadata + artifacts |
If you discover a security vulnerability, please email: security@vcnngr.io
- All containers run as non-root (UID 1001)
- Regular security scanning with Trivy
- Automated updates for security patches
- Minimal base image (vcnngr/minideb)
- OCI labels for transparency
We monitor Bitnami releases for:
- New versions
- Security patches
- Critical updates
Configured through:
- Jenkins scheduled jobs (nightly)
- GitHub Actions watchers (optional)
- Manual triggers available
- Documentation: See individual container READMEs
- Issues: https://github.com/vcnngr/containers/issues
- Docker Hub: https://hub.docker.com/u/vcnngr
- Bitnami Source: https://github.com/bitnami/containers
- Check the container-specific README
- Review existing issues on GitHub
- Create a new issue with:
- Container name and version
- Error messages or logs
- Steps to reproduce
We welcome contributions! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
- Maintain compatibility with Bitnami patterns
- Include appropriate tests
- Update documentation
- Follow existing code style
- Add Jenkinsfile for new containers
This project is based on the excellent work of Bitnami/Broadcom. We maintain the same high standards while adding our own enhancements.
Original work: https://github.com/bitnami/containers
License: Apache 2.0
Copyright Β© 2025 Vcnngr
SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Built with care by the Vcnngr team
Bitnami Skills, Vcnngr Style