Chainguard’s OpenJDK Java images are now JCK conformant
We are excited to announce that our JDK and JRE latest builds for OpenJDK Java 21.0.3 and Java 22.0.1 have achieved a major milestone by passing all tests in the Java Compatibility Kit (JCK). The JCK is a comprehensive test suite provided by Oracle that validates adherence to the Java specification. This conformance applies also to any Chainguard Image that contains openjdk-21 packages 21.0.3-r2 and 21.0.3-r3 (latest) and/or openjdk-22 packages 22.0.1-r4 (latest).
Passing the JCK affirms that our Java base images are fully compatible and conform to the rigorous standards set out for Java SE 21 and 22 for both compiler and runtime. Chainguard customers can have confidence knowing they are using a Java distribution that is certified as compatible.
A reliable industry standard that strengthens Chainguard Images offering
JCK conformance is becoming increasingly prevalent among those concerned with security and speed of updates. It is a fact that many companies now expect the Java distributions they use to be JCK compliant. This is because JCK compliance ensures that Java applications will run consistently across different platforms and devices, and that they are compatible with other Java implementations.
Using Chainguard’s JRE and JDK container images comes with these added benefits:
Compatibility:
JCK compliance ensures that the OpenJDK Java base image adheres to the Java specification and is compatible with other Java implementations. This compatibility is crucial for maintaining interoperability between different Java applications and environments.
Portability:
That’s a given when using containers in general, but Chainguard’s JCK-compliant Java guarantees that Java applications written using Chainguard Images will run consistently across different platforms and devices as long as they support a JCK-compliant Java runtime environment.
Reliability:
JCK compliance indicates that the Java distribution has undergone rigorous testing and validation to ensure its reliability and stability on top of the testing that Chainagurd’s toolchain already performs.
Industry standard:
JCK compliance has become an industry standard, and many companies expect the Java distributions they use to be JCK-compliant. As a customer-obsessed company, we want to deliver on this request too.
Not just FedRAMP
With this huge upgrade, we are helping Chainguard Images customers become compliant with FedRAMP and other stringent compliance frameworks, as JCK compliance is a key requirement for FedRAMP certification. Using JCK compliant Java can contribute to meeting FedRAMP security requirements.
All of the above is also applicable to those subject to other compliance frameworks like HIPAA and PCI-DSS with which, again, JCK-conformant Java Chainguard Images supports the general requirements and helps achieve compliance.
Going forward, we are automating JCK testing as part of our build process. Soon, every new build of our OpenJDK packages will be validated against the JCK to ensure ongoing compatibility. We will clearly indicate which builds have passed testing through package metadata, attestations, README files, and visual treatments on our image listings.
This achievement reflects our continued commitment to providing trusted, high-quality Java base images that developers can rely on. We look forward to continuing to deliver compatible Java releases that help our customers build and run their Java applications with confidence. Ready to leverage JCK compliant Java for your compliance needs? Reach out to our team to learn more about Chainguard Images and how we can support your specific requirements.
Share this article
Related articles
- Product
Introducing the Self-Serve Catalog Experience
Chainguard launches the Self-Serve Experience for Catalog customers: instantly add, rename, or remove container images from our catalog, no tickets required.
Tony Camp, Staff Product Manager
- Product
Custom Assembly Updates: Create Multiple, Customized Variants of a Chainguard Container
Customize Chainguard Containers with the latest Custom Assembly update. You can create, edit, and manage secure, zero-CVE image variants directly in the console.
Tony Camp, Staff Product Manager
- Product
Class in Session: Chainguard Contributes to the Higher Education Community
Catch up on what Chainguard is doing with higher education institutions to advance open source security and build the next generation of innovation.
Ewan Simpson, Higher Education Advocate, and SJ Cushing, Field Marketing Manager, Higher Education
- Product
Secure and Free MinIO Chainguard Containers
MinIO pulled its free images—but Chainguard has you covered. Get zero-CVE, continuously built MinIO and MinIO Client containers, free and secure from Chainguard.
Manfred Moser, Senior Principal Developer Relations Engineer, Dimitri John Ledkov, Senior Principal Software Engineer, Lisa Tagliaferri, Senior Director, Developer Enablement, and Aaditya Jain, Senior Product Marketing Manager
- Product
Chainguard Libraries for Python: Now Generally Available with CVE Remediation and Malware Protection
Chainguard Libraries for Python, trusted open source language libraries designed for CVE remediation and malware protection, is now generally available.
Bria Giordano, Director, Product Marketing, and Anushka Iyer, Product Marketing Manager
- Product
Shifting Left: Why I’m Building at Chainguard
Chainguard SVP of Product Patrick Donahue shares why he is excited to join Chainguard and how he plans to help build products developers love.
Patrick Donahue, SVP of Product