Comment by elephantum

6 months ago

They write in the press release, that the sources remain under Apache 2 license, they just stop distributing prebuilt images for free.

Edit: As I see it's true.

8 comments

elephantum

If you look at the folders there, you'll see that all of the older Dockerfiles have been removed, even for versions of software that are not EOL.

For example:

> The source code for containers and Helm charts remains available on GitHub under the Apache 2.0 license.

Ofc they're all still in the Git history: https://github.com/bitnami/containers/commit/7651d48119a1f3f... but they must have a very interesting interpretation of what available means then.

It looks like setting up a mirror and CI/CD on top of Github might work for some time. ghcr is free for public images

aeijdenberg 6 months ago

I've been thinking a lot about this kind of thing recently - and put a prototype up of htvend [1] that allows you to archive out dependencies during an image build. The idea being that if you have a mix of private/public dependencies that the upstream dependencies can be saved off locally as blobs allowing your build process to be able to be re-run in the future, even if the upstream assets become unavailable (as appears to be the case here).
[1] https://github.com/continusec/htvend
synchrone 6 months ago

Their Dockerfiles include things like download pre built binaries from $SECRET_BASEURL which is hosted by them, can still be found in git log though. I imagine it will go offline / have auth soon enough.
raffraffraff 6 months ago

Or if you have a decent sized deployment in one of the clouds, it's extremely likely you'll already use their internal registry (eg AWS ECR). I know that we do. So it's just a case of setting up a few docker build projects in git that push to your own internal registry.

Is it clear whether the Debian image sources will continue to be maintained?