Bitnami Community Blog

  • Private Community
 View Only

Automate Your Helm Chart Assessment: Introducing the BSI Action for Renovate Pull Requests

By Alfredo Garcia
By Pablo Galego On a recent blog called Beyond the Pull Request: How to Confidently Assess a Bitnami Helm Chart Update for Your Production Cluster , we discussed that GitOps and automation tools have come a long way to facilitate frequent updates ...
0 comments

Seamless Transition: Migrating from Ingress API to Gateway API with NGINX Gateway Fabric

By Javier Salmeron
The Kubernetes networking landscape is evolving, and the General Availability of the Gateway API in 2023 marked a significant step forward from the Ingress API. As the preferred mechanism for managing external access to services, the Gateway API offers ...
0 comments

Never miss an important update with Notification Providers

By Ivan Lopez
Managing a containerized application catalog shouldn't mean constantly checking dashboards for updates. Whether it's new applications, registry health changes, or critical patches, your team needs to know about important events as they happen, not hours ...
0 comments

FIPS dynamic feature, a new convenient way to configure FIPS modes in your containers and charts

By Alvaro Neira
By Álvaro Neira and Gonzalo Gómez What is Dynamic FIPS Feature? Hardened Bitnami Secure Images (BSI) are delivered with comprehensive FIPS preparation, including OpenSSL FIPS and compatible runtime configurations. While this ensures high security, ...
0 comments

Helm 4 Has Arrived: Implications for the Bitnami Secure Images Charts Catalog

By Juan Ariza
As announced during Atlanta’s KubeCon North America 2025, Helm 4 is finally available ! Helm v4 is a significant project milestone that introduces a series of architectural changes, enhanced features, and new patterns, while maintaining ...
0 comments

Beyond the Pull Request: How to Confidently Assess a Bitnami Helm Chart Update for Your Production Cluster

By Alfredo Garcia
GitOps has fundamentally changed how we deploy applications. With tools like ArgoCD and Renovate Bot , the deployment pipeline is reduced to a simple action: merging a Pull Request (PR). But what happens when that PR proposes an update to a ...
0 comments

NPM debug and chalk packages compromised

By Beltran Rueda Borrego
On September the 8th, the main developer of multiple and very popular NPM packages, Josh Junon posted his NPM account has been compromised . The attacker used his account to publish new versions of packages that contain a piece of code that would be ...
0 comments

Size vs Security: Why Bitnami Secure Image Minimal Node.js Image is the Optimal Choice

By David Gomez
The base image is a critical factor in determining a containerized application's overall responsiveness, resource efficiency, and security. A Bitnami Secure Image (BSI) Node.js Minimal provides a secure and efficient alternative to standard Node.js ...
0 comments

Using Bitnami Secure Images to build minimal, distroless-based containers for Golang apps

By Juan Ariza
Bitnami Secure Images (BSI) provides a secure, transparent, robust and reliable solution for deploying applications in containerized environments. By leveraging Bitnami Secure Images, developers and operations teams can deploy applications with confidence ...
0 comments

How to prepare for the Bitnami Changes coming soon

By Beltran Rueda Borrego
Update After evaluating the impact and community feedback, the Bitnami team has postponed the deletion of the Bitnami public catalog ( docker.io/bitnami ) until September 29th to give users more time to adapt to the upcoming changes. To raise awareness ...
0 comments

Unlocking Efficiency: When Bitnami Secure Image Java Minimal is the Perfect Fit

By Ivan Lopez
In the world of containerized applications, selecting the right base image is crucial for performance, security, and resource management. While upstream Java images serve their purposes, there are specific use cases where a Bitnami Secure Image Java ...
0 comments

Enhancing OSS vulnerability response prioritization with Tanzu Application Catalog and VulnCheck

By Martin Perez
In a moment where the number of vulnerabilities increases 38% YoY , having the ability to separate what matters from what does not and focus on the important issues is more crucial than ever. A few months ago, we added support for the CISA KEV ...
0 comments

Critical Security Fix Released for Python – CVE-2025-4517

By Carlos Rodriguez
The Python project has released new versions across all supported branches to address a critical security vulnerability ( CVE-2025-4517 , CVSS 9.4/10). This vulnerability impacts core components of the Python runtime and could lead to unexpected behavior ...
0 comments

Reducing vulnerabilities with Red Hat Minimal images

By Alvaro Neira
One of the biggest headaches for any company’s security team is dealing with vulnerabilities. Imagine a huge company running thousands of products across tons of servers, each one potentially packed with vulnerabilities just waiting to be exploited. ...
0 comments

Argo CD fix for critical CVE-2025-47933

By Beltran Rueda Borrego
The Argo CD project just released new versions of all the supported branches for fixing a critical security issue, CVE-2025-47933 Argo CD allows cross-site scripting on repositories page . This vulnerability allows an attacker to perform arbitrary ...
0 comments

Tanzu Application Catalog Customizations

By Javier Aguadero Garcia
What are Tanzu Application Catalog customizations? Tanzu Application Catalog enables you to curate a customized set of trusted, pre-packaged application components that are continuously maintained and verifiably tested for production use. When ...
0 comments

Building your own Tanzu Application Catalog MCP server with Spring AI

By Martin Perez
Model Context Protocol (MCP) has taken the world by storm and that is understandable. What previously were ad hoc integrations with specific LLMs and data sources can now be replaced with a common protocol that promises a write-once-integrate-with-all-LLMs ...
0 comments

Expanding the ClickHouse Ecosystem: New Operator and Keeper Support in the Bitnami Helm Charts

By Juan Ariza
We’re excited to announce that we’ve expanded Tanzu Application Catalog , Bitnami Premium and Bitnami Application Catalog, enriching the ways you can deploy and manage ClickHouse solutions. First, we've introduced a new Helm chart ...
0 comments

Bitnami Helm Charts and CIS Kubernetes Benchmark: Now Using Secret Volumes Files by Default

By Miguel Ruiz
We are excited to announce an important security enhancement across our Bitnami Helm charts: Secrets are now mounted as volume files by default, in alignment with the CIS Kubernetes Benchmark . This change is part of our ongoing security hardening ...
0 comments

Bitnami Ingress-nginx fix for critical CVE-2025-1974 or IngressNightmare

By Beltran Rueda Borrego
Wiz Research team discovered a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes . Today the Ingress-nginx team released a new version fixing critical security issues. The most critical one ...
0 comments