container-image-scanner/scripts/bitnami-reality-check.js

🚨 EMERGENCY Bitnami Migration Scanner - Critical Timeline Aug 28/Sep 29, 2025. Enterprise scanner for 280+ Bitnami images, 118+ Helm charts with emergency migration automation to AWS alternatives.

#!/usr/bin/env node

const chalk = require('chalk');

class BitnamiRealityAnalyzer {
  analyzeImage(imageName) {
    const [name, tag] = imageName.split(':');
    const tagValue = tag || 'latest';
    
    if (!name.includes('bitnami')) {
      return { applicable: false };
    }

    const isLatest = tagValue === 'latest';
    const isVersioned = !isLatest && /^\d+\.\d+/.test(tagValue);
    
    return {
      applicable: true,
      imageName,
      tag: tagValue,
      isLatest,
      isVersioned,
      migrationRequired: isVersioned,
      securityConcerns: this.assessSecurityNeeds(imageName),
      recommendation: this.getRecommendation(imageName, isLatest, isVersioned)
    };
  }

  assessSecurityNeeds(imageName) {
    // Enterprise workloads typically need security features
    const service = imageName.split('/')[1]?.split(':')[0];
    const criticalServices = ['mysql', 'postgresql', 'mongodb', 'redis', 'elasticsearch'];
    
    return {
      needsSBOM: criticalServices.includes(service),
      needsCVEReports: true,
      needsSignatureVerification: criticalServices.includes(service),
      complianceRequired: criticalServices.includes(service)
    };
  }

  getRecommendation(imageName, isLatest, isVersioned) {
    const service = imageName.split('/')[1]?.split(':')[0];
    const awsAlternatives = {
      'mysql': 'Amazon RDS for MySQL',
      'postgresql': 'Amazon Aurora PostgreSQL', 
      'mongodb': 'Amazon DocumentDB',
      'redis': 'Amazon ElastiCache for Redis',
      'elasticsearch': 'Amazon OpenSearch Service'
    };

    if (isLatest) {
      return {
        priority: 'LOW',
        action: 'NO ACTION NEEDED',
        reason: 'Latest tag automatically transitions to Premium',
        awsAlternative: awsAlternatives[service]
      };
    }

    if (isVersioned) {
      return {
        priority: 'HIGH', 
        action: 'MIGRATION REQUIRED',
        reason: 'Versioned image requires manual registry migration',
        options: [
          `Migrate to ${awsAlternatives[service]} (RECOMMENDED)`,
          `Update to bitnamiprem registry + authentication setup`
        ],
        awsAlternative: awsAlternatives[service]
      };
    }

    return {
      priority: 'MEDIUM',
      action: 'REVIEW NEEDED',
      reason: 'Unusual tag pattern'
    };
  }

  generateReport(images) {
    console.log(chalk.bold.blue('🎯 Bitnami Premium Reality Check'));
    console.log(chalk.gray('Focus: Versioned Images + Security Requirements\n'));

    const results = images.map(img => this.analyzeImage(img)).filter(r => r.applicable);
    
    // Group by priority
    const highPriority = results.filter(r => r.recommendation.priority === 'HIGH');
    const lowPriority = results.filter(r => r.recommendation.priority === 'LOW');

    if (lowPriority.length > 0) {
      console.log(chalk.green.bold('✅ NO ACTION NEEDED (Latest Tags)'));
      lowPriority.forEach(result => {
        console.log(chalk.green(`   📦 ${result.imageName}`));
        console.log(chalk.gray(`      → ${result.recommendation.reason}`));
      });
      console.log('');
    }

    if (highPriority.length > 0) {
      console.log(chalk.red.bold('🚨 ACTION REQUIRED (Versioned Images)'));
      highPriority.forEach(result => {
        console.log(chalk.red(`   📦 ${result.imageName}`));
        console.log(chalk.yellow(`      Priority: ${result.recommendation.priority}`));
        console.log(chalk.yellow(`      Issue: ${result.recommendation.reason}`));
        
        if (result.recommendation.options) {
          console.log(chalk.blue('      Options:'));
          result.recommendation.options.forEach(option => {
            console.log(chalk.blue(`        • ${option}`));
          });
        }

        // Security assessment
        if (result.securityConcerns.complianceRequired) {
          console.log(chalk.magenta('      Security: Enterprise compliance required'));
          console.log(chalk.magenta('        → SBOMs, CVE reports, signature verification needed'));
        }
        console.log('');
      });
    }

    // Summary
    console.log(chalk.bold('📊 Summary:'));
    console.log(`   Latest tags (no action): ${chalk.green(lowPriority.length)}`);
    console.log(`   Versioned images (action required): ${chalk.red(highPriority.length)}`);
    
    if (highPriority.length > 0) {
      console.log(chalk.yellow('\n💡 Recommendation: Consider AWS managed services for versioned images'));
      console.log(chalk.gray('   → Eliminates registry migration complexity'));
      console.log(chalk.gray('   → Built-in security and compliance features'));
      console.log(chalk.gray('   → Reduced operational overhead'));
    }
  }
}

// Test with sample images
if (require.main === module) {
  const analyzer = new BitnamiRealityAnalyzer();
  
  const testImages = [
    'bitnami/mysql:latest',
    'bitnami/mysql:8.0.35',
    'bitnami/postgresql:latest', 
    'bitnami/postgresql:15.4.0',
    'bitnami/redis:7.2.4',
    'bitnami/mongodb:6.0.8',
    'nginx:latest'
  ];

  analyzer.generateReport(testImages);
}

module.exports = { BitnamiRealityAnalyzer };