Added an is_locked flag in image.yml file for all images, created a c…

…ommon jinja template for locked and unlocked images, made some improvements based on code review

Signed-off-by: Kanav Phull <[email protected]>

community_images/airflow/airflow-scheduler/bitnami/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache Airflow Scheduler
 
+
 RapidFort’s container optimization process hardened this Apache Airflow Scheduler container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Bitnami Apache Airflow Scheduler][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -51,6 +53,8 @@ Disclaimer: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache Airflow Scheduler image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/bitnami/containers/blob/main/bitnami/airflow-scheduler/README.md">
@@ -89,7 +93,7 @@ RapidFort’s hardened [rapidfort/airflow-scheduler][rf-dh-image-link] image has
 We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.
 
 ## Supported tags and respective `Dockerfile` links
-* [`2`, `2-debian-11`, `2.8.1`, `2.8.1-debian-11-r` (2/debian-11/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow-scheduler/2/debian-11/Dockerfile)
+* [`2`, `2-debian-12`, `2.8.1`, `2.8.1-debian-12-r` (2/debian-12/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow-scheduler/2/debian-12/Dockerfile)
 
 ## Need support
 

community_images/airflow/airflow-scheduler/bitnami/image.yml

@@ -22,3 +22,4 @@ what_is_text: |
   Use Airflow to author workflows as directed acyclic graphs (DAGs) of tasks. The Airflow scheduler executes your tasks on an array of workers while following the specified dependencies. Rich command line utilities make performing complex surgeries on DAGs a snap. The rich user interface makes it easy to visualize pipelines running in production, monitor progress, and troubleshoot issues when needed.
 disclaimer: |
   Disclaimer: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"

community_images/airflow/airflow-worker/bitnami/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache Airflow Worker
 
+
 RapidFort’s container optimization process hardened this Apache Airflow Worker container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Bitnami Apache Airflow Worker][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -51,6 +53,8 @@ Disclaimer: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache Airflow Worker image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/bitnami/containers/blob/main/bitnami/airflow-worker/README.md">
@@ -89,7 +93,7 @@ RapidFort’s hardened [rapidfort/airflow-worker][rf-dh-image-link] image has be
 We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.
 
 ## Supported tags and respective `Dockerfile` links
-* [`2`, `2-debian-11`, `2.8.1`, `2.8.1-debian-11-r` (2/debian-11/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow-worker/2/debian-11/Dockerfile)
+* [`2`, `2-debian-12`, `2.8.1`, `2.8.1-debian-12-r` (2/debian-12/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow-worker/2/debian-12/Dockerfile)
 
 ## Need support
 

community_images/airflow/airflow-worker/bitnami/image.yml

@@ -22,3 +22,4 @@ what_is_text: |
   Use Airflow to author workflows as directed acyclic graphs (DAGs) of tasks. The Airflow scheduler executes your tasks on an array of workers while following the specified dependencies. Rich command line utilities make performing complex surgeries on DAGs a snap. The rich user interface makes it easy to visualize pipelines running in production, monitor progress, and troubleshoot issues when needed.
 disclaimer: |
   Disclaimer: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"

community_images/airflow/airflow/bitnami/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache Airflow
 
+
 RapidFort’s container optimization process hardened this Apache Airflow container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Bitnami Apache Airflow][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -51,6 +53,8 @@ Disclaimer: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache Airflow image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/bitnami/containers/blob/main/bitnami/airflow/README.md">
@@ -89,7 +93,7 @@ RapidFort’s hardened [rapidfort/airflow][rf-dh-image-link] image has been opti
 We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.
 
 ## Supported tags and respective `Dockerfile` links
-* [`2`, `2-debian-11`, `2.8.1`, `2.8.1-debian-11-r` (2/debian-11/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow/2/debian-11/Dockerfile)
+* [`2`, `2-debian-12`, `2.8.1`, `2.8.1-debian-12-r` (2/debian-12/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/airflow/2/debian-12/Dockerfile)
 
 ## Need support
 

community_images/airflow/airflow/bitnami/image.yml

@@ -22,6 +22,7 @@ what_is_text: |
   Use Airflow to author workflows as directed acyclic graphs (DAGs) of tasks. The Airflow scheduler executes your tasks on an array of workers while following the specified dependencies. Rich command line utilities make performing complex surgeries on DAGs a snap. The rich user interface makes it easy to visualize pipelines running in production, monitor progress, and troubleshoot issues when needed.
 disclaimer: |
   Disclaimer: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 input_registry:
   registry: docker.io
   account: bitnami

community_images/airflow/airflow/ironbank/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache Airflow Ironbank
 
+
 RapidFort’s container optimization process hardened this Apache Airflow Ironbank container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Platform One Apache Airflow Ironbank][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -51,6 +53,8 @@ Disclaimer: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache Airflow Ironbank image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://repo1.dso.mil/dsop/opensource/apache/airflow/airflow/-/blob/development/README.md">

community_images/airflow/airflow/ironbank/image.yml

@@ -22,6 +22,7 @@ what_is_text: |
   Use Airflow to author workflows as directed acyclic graphs (DAGs) of tasks. The Airflow scheduler executes your tasks on an array of workers while following the specified dependencies. Rich command line utilities make performing complex surgeries on DAGs a snap. The rich user interface makes it easy to visualize pipelines running in production, monitor progress, and troubleshoot issues when needed.
 disclaimer: |
   Disclaimer: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 input_registry:
   registry: registry1.dso.mil
   account: ironbank

community_images/apache/bitnami/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache
 
+
 RapidFort’s container optimization process hardened this Apache container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Bitnami Apache][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -47,6 +49,8 @@ Trademarks: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/bitnami/containers/blob/main/bitnami/apache/README.md">
@@ -85,7 +89,7 @@ RapidFort’s hardened [rapidfort/apache][rf-dh-image-link] image has been optim
 We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.
 
 ## Supported tags and respective `Dockerfile` links
-* [`2.4`, `2.4-debian-11`, `2.4.58`, `2.4.58-debian-11-r` (2.4/debian-11/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/apache/2.4/debian-11/Dockerfile)
+* [`2.4`, `2.4-debian-12`, `2.4.58`, `2.4.58-debian-12-r` (2.4/debian-12/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/apache/2.4/debian-12/Dockerfile)
 
 ## Need support
 

community_images/apache/bitnami/image.yml

@@ -18,6 +18,7 @@ what_is_text: |
   The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. httpd is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes or threads to handle requests.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 input_registry:
   registry: docker.io
   account: bitnami

community_images/apache/ironbank/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache IronBank
 
+
 RapidFort’s container optimization process hardened this Apache IronBank container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Platform One Apache IronBank][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -47,6 +49,8 @@ Trademarks: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache IronBank image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://repo1.dso.mil/dsop/opensource/apache/apache2/-/blob/development/README.md">

community_images/apache/ironbank/image.yml

@@ -17,6 +17,7 @@ what_is_text: |
   The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. httpd is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes or threads to handle requests.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 input_registry:
   registry: registry1.dso.mil
   account: ironbank

community_images/apache/official/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Apache Official
 
+
 RapidFort’s container optimization process hardened this Apache Official container. This container is free to use and has no license limitations.
 
+
 It is the same as the [The Docker Community Apache Official][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -47,6 +49,8 @@ Trademarks: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Apache Official image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/docker-library/docs/blob/master/httpd/README.md">

community_images/apache/official/image.yml

@@ -17,6 +17,7 @@ what_is_text: |
   The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. httpd is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes or threads to handle requests.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 docker_links:
   - "[`2.4.54`, `2.4`, `2`, `latest`, `2.4.54-bullseye`, `2.4-bullseye`, `2-bullseye`, `bullseye`](https://github.com/docker-library/httpd/blob/f3b7fd9c8ef59d1ad46c8b2a27df3e02d822834f/2.4/Dockerfile)"
   - "[`2.4.54-alpine`, `2.4-alpine`, `2-alpine`, `alpine`, `2.4.54-alpine3.16`, `2.4-alpine3.16`, `2-alpine3.16`, `alpine3.16`](https://github.com/docker-library/httpd/blob/f3b7fd9c8ef59d1ad46c8b2a27df3e02d822834f/2.4/alpine/Dockerfile)"

community_images/cassandra/official/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Cassandra Official
 
+
 RapidFort’s container optimization process hardened this Cassandra Official container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Apache Cassandra Cassandra Official][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -47,6 +49,8 @@ Trademarks: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Cassandra Official image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/docker-library/cassandra/blob/master/README.md">

community_images/cassandra/official/image.yml

@@ -16,6 +16,7 @@ what_is_text: |
   Apache Cassandra is an open source distributed database management system designed to handle large amounts of data across many commodity servers, providing high availability with no single point of failure. Cassandra offers robust support for clusters spanning multiple datacenters, with asynchronous masterless replication allowing low latency operations for all clients.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 docker_links:
   - "[`4.0.7`, `4.0`, `4`, `latest`](https://github.com/docker-library/cassandra/blob/08fa5553ad2dde684ca5337c7fedd173cbc41f39/4.0/Dockerfile)"
   - "[`3.11.14`, `3.11`, `3`](https://github.com/docker-library/cassandra/blob/13e3d6ca1ff1b6c9d780e5f018887c1d28318d50/3.11/Dockerfile)"

community_images/common/templates/image_readme.j2

@@ -11,7 +11,11 @@
 
 # RapidFort hardened image for {{ official_name }}
 
+{% if is_locked == "True" %}
+RapidFort’s container optimization process hardened this {{ official_name }} container. You can utilize it for free by signing up on [RapidFort.com](www.rapidfort.com) to obtain an access token. Remember to provide your access token as an environment variable named `RF_ACCESS_TOKEN` when running the image.
+{% else %}
 RapidFort’s container optimization process hardened this {{ official_name }} container. This container is free to use and has no license limitations.
+{% endif %}
 
 It is the same as the [{{- source_image_provider }} {{ official_name -}}][source-image-repo-link] image but more secure.
 
@@ -45,6 +49,18 @@ Every day, we optimize and harden a variety of Docker Hub’s most famous images
 
 ## How do I use this hardened {{ official_name }} image?
 
+{% if is_locked == "True" %}
+<ol>
+    <li>Register on <a href="www.rapidfort.com">RapidFort.com</a> to receive your complimentary access token.</li>
+    <li>When running the image, ensure to pass your access token as an environment variable named RF_ACCESS_TOKEN.</li>
+</ol>
+
+For instance, when using Docker, execute the following command:
+```sh
+docker run -e RF_ACCESS_TOKEN="your_access_token" image_name
+```
+{% endif %}
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href=" {{- source_image_readme -}} ">

community_images/common/templates/image_yml_params.yml

@@ -39,6 +39,9 @@ params:
   - name: disclaimer
     description: 'disclaimer or any legal liability notice to be added'
     value : '""'
+  - name: is_locked
+    description: 'if the image needs RF_ACCESS_TOKEN to be used or not'
+    value : 'False'
   - name: bitnami_excluded_branches
     description: 'bitnami tags are auto generated, this list allows specific branches to be exculded'
     value : ['""', '""']

community_images/consul/bitnami/README.md

@@ -11,8 +11,10 @@
 
 # RapidFort hardened image for Consul
 
+
 RapidFort’s container optimization process hardened this Consul container. This container is free to use and has no license limitations.
 
+
 It is the same as the [Bitnami Consul][source-image-repo-link] image but more secure.
 
 Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
@@ -47,6 +49,8 @@ Trademarks: This software listing is packaged by RapidFort. The respective trade
 
 ## How do I use this hardened Consul image?
 
+
+
 The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.
 
 <a href="https://github.com/bitnami/containers/blob/main/bitnami/consul/README.md">
@@ -85,7 +89,7 @@ RapidFort’s hardened [rapidfort/consul][rf-dh-image-link] image has been optim
 We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.
 
 ## Supported tags and respective `Dockerfile` links
-* [`1`, `1-debian-11`, `1.17.2`, `1.17.2-debian-11-r` (1/debian-11/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/consul/1/debian-11/Dockerfile)
+* [`1`, `1-debian-12`, `1.17.3`, `1.17.3-debian-12-r` (1/debian-12/Dockerfile)](https://github.com/bitnami/containers/tree/main/bitnami/consul/1/debian-12/Dockerfile)
 
 ## Need support
 

community_images/consul/bitnami/image.yml

@@ -18,6 +18,7 @@ what_is_text: |
   Consul is a service networking solution to automate network configurations, discover services, and enable secure connectivity across any cloud or runtime.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
+is_locked: "False"
 input_registry:
   registry: docker.io
   account: bitnami