Readme updates

.github/workflows/mongodb_perf_build.yml

@@ -26,4 +26,4 @@ jobs:
           DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
         run: docker login -u "${DOCKERHUB_USERNAME}" -p "${DOCKERHUB_PASSWORD}"
       - name: Build docker image
-        run: ./community_images/mongodb/bitnami/perf_test/build_docker.sh
+        run: ./community_images/mongodb/official/perf_test/build_docker.sh

.github/workflows/prometheus_flaskapp_build.yml

@@ -26,4 +26,4 @@ jobs:
           DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
         run: docker login -u "${DOCKERHUB_USERNAME}" -p "${DOCKERHUB_PASSWORD}"
       - name: Build docker image
-        run: ./community_images/prometheus/bitnami/build_docker.sh
+        run: ./community_images/prometheus/official/build_docker.sh

README.md

@@ -362,7 +362,7 @@ $ helm repo add argo https://argoproj.github.io/argo-helm
 $ helm install my-argocd argo/argo-cd --set image.repository=rapidfort/argocd
 
 # install nats
-$ helm install my-postgresql nats/nats --set image.repository=rapidfort/nats
+$ helm install my-nats nats/nats --set image.repository=rapidfort/nats
 
 ```
 ## How Community Images are Built
@@ -414,7 +414,7 @@ Learn more about container optimization at [RapidFort.com][rf-link-additonal-res
 [dh-rf]: https://hub.docker.com/u/rapidfort
 [license-badge]: https://img.shields.io/github/license/rapidfort/community-images?color=lightgray&style=flat-square
 [license]: https://github.com/rapidfort/community-images/blob/main/LICENSE
-[demo]: contrib/demo.gif
+[demo]: contrib/rf-ci-demo.svg
 
 [slack-badge]: https://img.shields.io/static/v1?label=Join&message=slack&logo=slack&logoColor=E01E5A&color=4A154B
 [slack-link]: https://join.slack.com/t/rapidfortcommunity/shared_invite/zt-1g3wy28lv-DaeGexTQ5IjfpbmYW7Rm_Q

TROUBLE_SHOOTING.md

@@ -22,7 +22,7 @@ The community images project relies on the upstream source images to work correc
     > Remediation: Please file a report and update the documentation for the image.
 
 1. ### Upstream source image has introduced a defect (Source image error).
-    > Remediation: Please file a report on the source project. For eg: Bitnami Postgres image.
+    > Remediation: Please file a report on the source project. For eg: Docker Library Postgres image.
 
 1. ### RapidFort hardened image is introducing a defect (RF error).
     > Remediation: Please report an issue, and we will work with our core engineering team to investigate and fix this issue.

community_images/airflow/airflow/ironbank/README.md

@@ -31,7 +31,7 @@ This optimized image is functionally equivalent to [Platform One Apache Airflow
 <br>
 
 
-Every day, RapidFort automatically optimizes and hardens a growing bank of Docker Hub’s most important container images. 
+Every day, RapidFort automatically optimizes and hardens a growing bank of Docker Hub’s most important container images.
 
 Check out our [entire library of secured container images.](https://hub.docker.com/u/rapidfort)
 <br>
@@ -65,69 +65,15 @@ The runtime instructions for this hardened container image are the same as the o
 <br>
 
 ```sh
-# Create a network
-docker network create airflow-tier
-
-# Create a volume for PostgreSQL persistence and create a PostgreSQL container
-docker volume create --name postgresql_data
-docker run -d --name postgresql \
-  -e POSTGRESQL_USERNAME=rf_airflow \
-  -e POSTGRESQL_PASSWORD=rapidfort1 \
-  -e POSTGRESQL_DATABASE=rapidfort_airflow \
-  --net airflow-tier \
-  --volume postgresql_data:/bitnami/postgresql \
-  rapidfort/postgresql:latest
-
-# Create a volume for Redis(R) persistence and create a Redis(R) container
-docker volume create --name redis_data
-docker run -d --name redis \
-  -e ALLOW_EMPTY_PASSWORD=yes \
-  --net airflow-tier \
-  --volume redis_data:/bitnami \
-  rapidfort/redis:latest
-
-# Launch the Apache Airflow web container
-docker run -d --name airflow -p 8080:8080 \
-  -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-  -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
-  -e AIRFLOW_EXECUTOR=CeleryExecutor \
-  -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
-  -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-  -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-  -e AIRFLOW_LOAD_EXAMPLES=yes \
-  -e AIRFLOW_PASSWORD=rapidfort123 \
-  -e AIRFLOW_USERNAME=user \
-  -e [email protected] \
-  --net airflow-tier \
-  rapidfort/airflow-ib:latest
-
-# Launch the Apache Airflow scheduler container
-docker run -d --name airflow-scheduler \
-  -e AIRFLOW_COMPONENT_TYPE=scheduler \
-  -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-  -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
-  -e AIRFLOW_EXECUTOR=CeleryExecutor \
-  -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
+# Run airflow worker scheduler and worker in same image
+docker run -d --name airflow \
+  -e AIRFLOW_DATABASE_NAME=rf_airflow \
   -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-  -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-  -e AIRFLOW_LOAD_EXAMPLES=yes \
-  -e AIRFLOW_WEBSERVER_HOST=airflow \
-  --net airflow-tier \
-  rapidfort/airflow-ib:latest
-
-# Launch the Apache Airflow worker container
-docker run -d --name airflow-worker \
-  -e AIRFLOW_COMPONENT_TYPE=worker \
-  -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-  -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
+  -e AIRFLOW_DATABASE_PASSWORD=s3cR31 \
   -e AIRFLOW_EXECUTOR=CeleryExecutor \
-  -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
-  -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-  -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-  -e AIRFLOW_WEBSERVER_HOST=airflow \
-  --net airflow-tier \
-  rapidfort/airflow-ib:latest
-
+  -e AIRFLOW__CORE__LOAD_EXAMPLES=true \
+  rapidfort/airflow-ib:latest \
+  bash -c "airflow db init && (airflow webserver & airflow scheduler)"
 ```
 
 ## What is a hardened image?

community_images/airflow/airflow/ironbank/image.yml

@@ -10,68 +10,15 @@ image_workflow_name: airflow_airflow_ironbank
 github_location: airflow/airflow/ironbank
 report_url: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fairflow%2Fairflow
 usage_instructions: |
-  # Create a network
-  docker network create airflow-tier
-
-  # Create a volume for PostgreSQL persistence and create a PostgreSQL container
-  docker volume create --name postgresql_data
-  docker run -d --name postgresql \
-    -e POSTGRESQL_USERNAME=rf_airflow \
-    -e POSTGRESQL_PASSWORD=rapidfort1 \
-    -e POSTGRESQL_DATABASE=rapidfort_airflow \
-    --net airflow-tier \
-    --volume postgresql_data:/bitnami/postgresql \
-    rapidfort/postgresql:latest
-
-  # Create a volume for Redis(R) persistence and create a Redis(R) container
-  docker volume create --name redis_data
-  docker run -d --name redis \
-    -e ALLOW_EMPTY_PASSWORD=yes \
-    --net airflow-tier \
-    --volume redis_data:/bitnami \
-    rapidfort/redis:latest
-
-  # Launch the Apache Airflow web container
-  docker run -d --name airflow -p 8080:8080 \
-    -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-    -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
-    -e AIRFLOW_EXECUTOR=CeleryExecutor \
-    -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
+  # Run airflow worker scheduler and worker in same image
+  docker run -d --name airflow \
+    -e AIRFLOW_DATABASE_NAME=rf_airflow \
     -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-    -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-    -e AIRFLOW_LOAD_EXAMPLES=yes \
-    -e AIRFLOW_PASSWORD=rapidfort123 \
-    -e AIRFLOW_USERNAME=user \
-    -e [email protected] \
-    --net airflow-tier \
-    rapidfort/airflow-ib:latest
-
-  # Launch the Apache Airflow scheduler container
-  docker run -d --name airflow-scheduler \
-    -e AIRFLOW_COMPONENT_TYPE=scheduler \
-    -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-    -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
+    -e AIRFLOW_DATABASE_PASSWORD=s3cR31 \
     -e AIRFLOW_EXECUTOR=CeleryExecutor \
-    -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
-    -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-    -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-    -e AIRFLOW_LOAD_EXAMPLES=yes \
-    -e AIRFLOW_WEBSERVER_HOST=airflow \
-    --net airflow-tier \
-    rapidfort/airflow-ib:latest
-
-  # Launch the Apache Airflow worker container
-  docker run -d --name airflow-worker \
-    -e AIRFLOW_COMPONENT_TYPE=worker \
-    -e AIRFLOW_FERNET_KEY=46BKJoQYlPPOexq0OhDZnIlNepKFf87WFwLbfzqDDho= \
-    -e AIRFLOW_SECRET_KEY=a25mQ1FHTUh3MnFRSk5KMEIyVVU2YmN0VGRyYTVXY08= \
-    -e AIRFLOW_EXECUTOR=CeleryExecutor \
-    -e AIRFLOW_DATABASE_NAME=rapidfort_airflow \
-    -e AIRFLOW_DATABASE_USERNAME=rf_airflow \
-    -e AIRFLOW_DATABASE_PASSWORD=rapidfort1 \
-    -e AIRFLOW_WEBSERVER_HOST=airflow \
-    --net airflow-tier \
-    rapidfort/airflow-ib:latest
+    -e AIRFLOW__CORE__LOAD_EXAMPLES=true \
+    rapidfort/airflow-ib:latest \
+    bash -c "airflow db init && (airflow webserver & airflow scheduler)"
 what_is_text: |
   Apache Airflow (or simply Airflow) is a platform to programmatically author, schedule, and monitor workflows.
 

community_images/common/templates/main_readme.j2

@@ -79,7 +79,7 @@ $ helm repo add argo https://argoproj.github.io/argo-helm
 $ helm install my-argocd argo/argo-cd --set image.repository=rapidfort/argocd
 
 # install nats
-$ helm install my-postgresql nats/nats --set image.repository=rapidfort/nats
+$ helm install my-nats nats/nats --set image.repository=rapidfort/nats
 
 ```
 ## How Community Images are Built
@@ -131,7 +131,7 @@ Learn more about container optimization at [RapidFort.com][rf-link-additonal-res
 [dh-rf]: https://hub.docker.com/u/rapidfort
 [license-badge]: https://img.shields.io/github/license/rapidfort/community-images?color=lightgray&style=flat-square
 [license]: https://github.com/rapidfort/community-images/blob/main/LICENSE
-[demo]: contrib/demo.gif
+[demo]: contrib/rf-ci-demo.svg
 
 [slack-badge]: https://img.shields.io/static/v1?label=Join&message=slack&logo=slack&logoColor=E01E5A&color=4A154B
 [slack-link]: https://join.slack.com/t/rapidfortcommunity/shared_invite/zt-1g3wy28lv-DaeGexTQ5IjfpbmYW7Rm_Q

community_images/template/provider/image.yml

@@ -1,27 +1,27 @@
 name: community-image
 official_name: RapidFort Community Images
 official_website: https://rapidfort.com
-source_image_provider: Bitnami
+source_image_provider: Provider
 source_image_repo: docker.io/provider/template
 source_image_repo_link: https://hub.docker.com/r/provider/template
-source_image_readme: https://github.com/bitnami/containers/blob/main/bitnami/consul/README.md
+source_image_readme: https://github.com/provider/containers/blob/main/image/README.md
 rf_docker_link: rapidfort/template
 image_workflow_name: template_provider
 github_location: template/provider
-report_url: https://us01.rapidfort.com/app/community/imageinfo/docker.io%2Fbitnami%2Fredis
+report_url: https://us01.rapidfort.com/app/community/imageinfo/docker.io%2Fprovider%2Ftemplate
 usage_instructions: |
-  $ helm repo add bitnami https://charts.bitnami.com/bitnami
+  $ helm repo add provider https://charts.provider.com/provider
 
-  # install mariadb, just replace repository with RapidFort registry
-  $ helm install my-nginx bitnami/template --set image.repository=rapidfort/template
+  # install image, just replace repository with RapidFort registry
+  $ helm install my-image provider/template --set image.repository=rapidfort/template
 what_is_text: |
   Please replace this with the details about the source image you are hardening.
 disclaimer: |
   Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
 is_locked: "False"
 input_registry:
   registry: docker.io
-  account: bitnami
+  account: provider
 repo_sets:
   - redis:
       input_base_tag: "7.0.3-debian-11-r"
@@ -31,8 +31,8 @@ runtimes:
   - type: k8s
     script: k8s_coverage.sh
     helm:
-      repo: bitnami
-      repo_url: https://charts.bitnami.com/bitnami
+      repo: provider
+      repo_url: https://charts.provider.com/provider
       chart: nats
     tls_certs:
       generate: true
@@ -60,5 +60,5 @@ runtimes:
       environment:
         KEY_FOO: VAL_BAR
       volumes:
-        configs/dynamic/bootstrap.yaml: /opt/bitnami/redis/conf/redis.yaml
+        configs/dynamic/bootstrap.yaml: /opt/provider/image/conf/redis.yaml
         configs/dynamic: /etc/redis