Consolidation of Sealed Secrets images in DockerHub #1393
Labels
Comments
|
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
|
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
|
Due to the lack of activity in the last 7 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary. |
alvneiayu
added a commit
that referenced
this issue
Jan 18, 2024
… release (#1392) With these changes, we are going to release the newest Sealed Secrets version using the containers generated by the Bitnami Container Release process using the tag of with our release. Then, we will generate the official release in our project. Why this decision? Using the Bitnami Release process, the containers are tested in several environment (OpenShift, AKS, etc) running our integration tests. Like this, the project will be covered in several real environments that Sealed Secrets in running by the users. From the user side, **you will not notice any change at all**. We are publishing the containers in the same registry and our chart and controller will use the same containers. fixes #1393 --------- Signed-off-by: Alvaro Neira Ayuso <alvaron@vmware.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
The Sealed Secrets controller's official image is hosted in the Bitnami repository in DockerHub. At the same time, Bitnami produces its own controller and kubeseal image within the same repository. We understand this might create unnecessary confusion among Sealed Secrets users, so we have decided to consolidate both images into a single one.
What will we do?
Bitnami updates its images upon detecting new vulnerabilities. Additionally, these images are also packaged using a very compact scratch base image and compiled using golang best practices regarding code optimization. These features make Bitnami images a better option than their upstream counterparts. Our plan is to delegate the image generation process to the Bitnami team, while the Sealed Secrets team focuses on the generation of the kubeseal binaries.
In turn, the Bitnami team will refactor its current asset (
bitnami/sealed-secrets) into two standalone images: (bitnami/sealed-secrets-controllerandbitnami/sealed-secrets-kubeseal).How is this going to affect Sealed Secrets Users?
This modification is an internal change in the pipeline to produce & keep up-to-date the Sealed Secrets images. For that reason, the change should be seamless for any Sealed Secrets user. Existing and new Sealed Secrets releases will continue to be available in the project’s Releases section and the official Sealed Secrets container name in DockerHub (
bitnami/sealed-secrets-controller) will remain unchanged.When will the change take effect?
These changes were already implemented during Sealed Secrets January 2024 release.
The text was updated successfully, but these errors were encountered: