-
Notifications
You must be signed in to change notification settings - Fork 687
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consolidation of Sealed Secrets images in DockerHub #1393
Comments
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
Due to the lack of activity in the last 7 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary. |
… release (#1392) With these changes, we are going to release the newest Sealed Secrets version using the containers generated by the Bitnami Container Release process using the tag of with our release. Then, we will generate the official release in our project. Why this decision? Using the Bitnami Release process, the containers are tested in several environment (OpenShift, AKS, etc) running our integration tests. Like this, the project will be covered in several real environments that Sealed Secrets in running by the users. From the user side, **you will not notice any change at all**. We are publishing the containers in the same registry and our chart and controller will use the same containers. fixes #1393 --------- Signed-off-by: Alvaro Neira Ayuso <[email protected]>
The Sealed Secrets controller's official image is hosted in the Bitnami repository in DockerHub. At the same time, Bitnami produces its own controller and kubeseal image within the same repository. We understand this might create unnecessary confusion among Sealed Secrets users, so we have decided to consolidate both images into a single one.
What will we do?
Bitnami updates its images upon detecting new vulnerabilities. Additionally, these images are also packaged using a very compact scratch base image and compiled using golang best practices regarding code optimization. These features make Bitnami images a better option than their upstream counterparts. Our plan is to delegate the image generation process to the Bitnami team, while the Sealed Secrets team focuses on the generation of the kubeseal binaries.
In turn, the Bitnami team will refactor its current asset (
bitnami/sealed-secrets
) into two standalone images: (bitnami/sealed-secrets-controller
andbitnami/sealed-secrets-kubeseal
).How is this going to affect Sealed Secrets Users?
This modification is an internal change in the pipeline to produce & keep up-to-date the Sealed Secrets images. For that reason, the change should be seamless for any Sealed Secrets user. Existing and new Sealed Secrets releases will continue to be available in the project’s Releases section and the official Sealed Secrets container name in DockerHub (
bitnami/sealed-secrets-controller
) will remain unchanged.When will the change take effect?
These changes were already implemented during Sealed Secrets January 2024 release.
The text was updated successfully, but these errors were encountered: