docker-hardened-images / catalog

Docker Hardened Images This repository is the home of the **Docker Hardened Images** definition files. It contains declarative specifications for building secure, minimal, and production-ready container images and Helm charts. 🎯 Overview Docker Hardened Images provides a curated collection of container images built with security and minimalism as core principles. Each image is: • **Security-focused**: Built with minimal attack surface and hardened configurations • **Continuously updated**: Regularly maintained with the latest security patches • **Production-ready**: Configured with best practices for enterprise deployments • **Transparent**: Fully open-source definitions enable auditability and customization 📁 Repository Structure 📦 Image Definitions ( ) Contains definitions for **hardened container images** across various categories: • **Base images**: , , • **Language runtimes**: , , , , (OpenJDK, Eclipse Temurin, Amazon Corretto, Azul) • **Databases**: , , , , , , , • **Infrastructure**: , , , • **Observability**: , , , , , • **Kubernetes tools**: , , , , , , • **Security tools**: , , , , • **Development tools**: , , , Image Directory Structure Each image follows this structure: **Example**: Image Definition Files Each file is a declarative specification containing: • **Metadata**: Image name, tags, supported platforms • **Contents**: Base OS, packages, repositories, dependencies • **Build pipeline**: Multi-stage build steps and configurations • **Security**: User/group configurations, file permissions • **Runtime**: Entrypoint, command, environment variables, exposed ports • **Tests**: Automated validation and compliance checks **Variants** represent different configurations: • **runtime**: Minimal runtime image • ** **: Development image with build tools, shell and package managers • ** **: Helm-chart compatibility images 📊 Chart Definitions ( ) Contains definitions for **Helm charts** that deploy applications using hardened images: **Examples**: , , , , , Chart Directory Structure ** ** contains: • Display name and description • Categories (e.g., , ) • Documentation URLs 🔧 Package Definitions ( ) Contains **package definitions** for common components: • , , , , , , • , , Packages are shared components that can be referenced by multiple image definitions, promoting consistency and reducing duplication. 🚀 Getting Started Using Hardened Images Pre-built images are available from Docker's registry: 📖 Documentation • **Contributing Guide**: How to contribute to this project • **Code of Conduct**: Community guidelines and standards • **License**: Apache 2.0 license terms For specific image or chart documentation, refer to the and files in their respective directories. 🤝 Contributing We welcome contributions! Whether you're: • Adding new image definitions • Improving existing configurations • Updating documentation • Reporting issues • Sharing best practices Please read our Contributing Guide to get started. Ways to Contribute • **Image Requests**: Open an issue to request a new hardened image • **Bug Reports**: Report issues with existing images or definitions • **Enhancements**: Suggest improvements to build processes or configurations • **Documentation**: Help improve guides and examples • **Testing**: Validate images in different environments 🔒 Security Security is our top priority. All images are: • Built from minimal base images • Configured with least-privilege principles • Scanned for vulnerabilities • Updated regularly with security patches • Run as non-root users by default To report security vulnerabilities, please follow responsible disclosure practices as outlined in our security policy. 📄 License This project is licensed under the Apache License 2.0. See LICENSE.txt for details. 🔗 Links • **Docker Hardened Images Catalog**: Catalog • **Docker Hardened Images**: docker.com/products/hardened-images • **Commercial Support**: docker.com/support • **Issue Tracker**: GitHub Issues • **Discussions**: GitHub Discussions --- **Docker Hardened Images** - Building secure containers, together.