This is why I never used their images for any of my projects and do everything I can to use official charts made by the software vendor itself or create my own and put them in my personal git repo for automated deployments.

Any business that gives away middleware for free, likely does that in the hopes of monetizing that pretty directly and eventually will be pressured to increase monetization of those things by those investors or will be forced to stop developing those products due to lack of funding. Middleware really doesn’t have many other good ways to monetize.

Many helm charts, like authentik or forgejo integrate bitnami helmcharts for their databases. So that’s why this is concerning to me,

But, I was planning to switch to operators like cloudnativepostgres for my databases instead and disable the builtin bitnami images. When using the builtin bitnami images, automatic migration between major releases is not supported, you have to do it yourself manually and that dissapointed me.

Certainly glad I had my suspicions of Bitnami rugpulling when constructing my Kubernetes cluster and preemptively stripped out as much as possible from helm charts that relied on anything Bitnami. This is going to suck for a lot of people and organizations given that images like rabbitmq, postgres, oauth2-proxy, minio among many others are affected.

It’s not a full rugpull yet, but not being able to pin versions for the newer security-hardened images is already a huge issue for many pieces of software. Especially for things like not being able to pin to a major version of postgres will cause major problems over time for cluster admins and helm chart developers alike if they don’t migrate to other solutions.

Who knows if (when) Bitnami decides to go further in restricting their images, charts from being free and open. I do wish in the future that more helm chart developers would know the caution that should be taken when trusting anything touched by Broadcom of all companies. Maybe this is the necessary warning sign for many.

We use expensive vendor software at work that uses bitnami images in their Helm chart. I hope they know about this.

I use Bitnami SealedSecrets. Does anyone know if that’s going down the shitter too?

Mostly unaffected save for some things. Emberstack kubernetes reflector opts to not make their own chart and their docs tell you to use Bitnami, so its the only chart I use that I’ll have to start maintaining myself unless Emberstack changes their stance.

Old free images won’t be removed but since they won’t get any kind of update, are essentially useless