The Deletion of Docker.io/Bitnami
13 days ago
- #Container Security
- #Bitnami
- #Helm Charts
- Bitnami has postponed the deletion of its public catalog until September 29th to allow users more time to adapt.
- Scheduled brownouts will occur on August 28, September 2, and September 17, temporarily making some images unavailable for 24 hours.
- Starting August 28th, Bitnami will archive its OCI registry to Bitnami Legacy, requiring users to update their pipelines and clusters.
- Users are encouraged to switch to Bitnami Secure Images (BSI) for better security and compliance, though some BSI images are free only for development/testing.
- Photon Linux-based images offer benefits like reduced CVEs, VEX statements, and advanced Helm charts, among others.
- The Bitnami Legacy Registry is an unsupported, temporary solution for users needing more time, but it will not receive updates.
- The changes are prompted by the increasing risks in open-source software, including malicious packages and regulatory requirements like the EU's Cyber Resilience Act.
- Bitnami Secure Images aim to democratize security and compliance, offering a low TCO for cutting-edge supply chain security.
- Competitors have inaccurately claimed that Bitnami is removing free access to container images and Helm charts, but the source code remains freely available on GitHub.
- The transition to the new registry will be gradual, starting August 28th, to minimize disruptions, with the main registry eventually hosting the free tier of Bitnami Secure Images.