Home
Unchained
Product Blog

Chainguard’s OpenJDK Java images are now JCK conformant

Jordi Mon Companys, Senior Product Marketing Manager

We are excited to announce that our JDK and JRE latest builds for OpenJDK Java 21.0.3 and Java 22.0.1 have achieved a major milestone by passing all tests in the Java Compatibility Kit (JCK). The JCK is a comprehensive test suite provided by Oracle that validates adherence to the Java specification. This conformance applies also to any Chainguard Image that contains openjdk-21 packages 21.0.3-r2 and 21.0.3-r3 (latest) and/or openjdk-22 packages 22.0.1-r4 (latest).



Passing the JCK affirms that our Java base images are fully compatible and conform to the rigorous standards set out for Java SE 21 and 22 for both compiler and runtime. Chainguard customers can have confidence knowing they are using a Java distribution that is certified as compatible.

Image from OpenJDK website showing Chainguard as a signatory for Java SE 21 or later.

A reliable industry standard that strengthens Chainguard Images offering

JCK conformance is becoming increasingly prevalent among those concerned with security and speed of updates. It is a fact that many companies now expect the Java distributions they use to be JCK compliant. This is because JCK compliance ensures that Java applications will run consistently across different platforms and devices, and that they are compatible with other Java implementations.

Using Chainguard’s JRE and JDK container images comes with these added benefits:

Compatibility:

JCK compliance ensures that the OpenJDK Java base image adheres to the Java specification and is compatible with other Java implementations. This compatibility is crucial for maintaining interoperability between different Java applications and environments.

Portability:

That’s a given when using containers in general, but Chainguard’s JCK-compliant Java guarantees that Java applications written using Chainguard Images will run consistently across different platforms and devices as long as they support a JCK-compliant Java runtime environment.

Reliability:

JCK compliance indicates that the Java distribution has undergone rigorous testing and validation to ensure its reliability and stability on top of the testing that Chainagurd’s toolchain already performs.

Industry standard:

JCK compliance has become an industry standard, and many companies expect the Java distributions they use to be JCK-compliant. As a customer-obsessed company, we want to deliver on this request too.

Not just FedRAMP

With this huge upgrade, we are helping Chainguard Images customers become compliant with FedRAMP and other stringent compliance frameworks, as JCK compliance is a key requirement for FedRAMP certification. Using JCK compliant Java can contribute to meeting FedRAMP security requirements.

All of the above is also applicable to those subject to other compliance frameworks like HIPAA and PCI-DSS with which, again, JCK-conformant Java Chainguard Images supports the general requirements and helps achieve compliance.

Going forward, we are automating JCK testing as part of our build process. Soon, every new build of our OpenJDK packages will be validated against the JCK to ensure ongoing compatibility. We will clearly indicate which builds have passed testing through package metadata, attestations, README files, and visual treatments on our image listings.

This achievement reflects our continued commitment to providing trusted, high-quality Java base images that developers can rely on. We look forward to continuing to deliver compatible Java releases that help our customers build and run their Java applications with confidence. Ready to leverage JCK compliant Java for your compliance needs? Reach out to our team to learn more about Chainguard Images and how we can support your specific requirements.

Share

Ready to Lock Down Your Supply Chain?

Talk to our customer obsessed, community-driven team.

Get Started