infrastructure/k8s-cluster
1
0
Fork 2
Code Issues 35 Pull requests 6 Projects Releases Packages Wiki Activity Actions

Migrate away from bitnami #26

New issue
Open
opened 2025-12-08 12:51:42 +00:00 by Ghostinvisible-forgejo-org · 7 comments
Ghostinvisible-forgejo-org commented 2025-12-08 12:51:42 +00:00
Copy link

Bitnami images and charts on docker hub now have rate limits, so we should migrate away or use different mirrors

TODO:

  • cert-manager helm chart
  • bitnami/nginx docker image #847 8d3c79165a be577abf3f
  • kube-prometheus helm chart
  • bitnami/git docker image
Bitnami images and charts on docker hub now have rate limits, so we should migrate away or use different mirrors - #230 - https://github.com/bitnami/charts/issues/30853 - https://code.forgejo.org/forgejo/oci-mirror/pulls/30 **TODO**: - [x] `cert-manager` helm chart - [x] `bitnami/nginx` docker image #847 8d3c79165a1edb222f6840912a8a551168eadcc4 be577abf3ff2816abf11834f63ce01a8a44f091a - [ ] `kube-prometheus` helm chart - [ ] `bitnami/git` docker image
👍 1
Ghostinvisible-forgejo-org commented 2025-12-08 12:51:42 +00:00
Author
Copy link

Alternate is to mirror them to a different public registry.

Alternate is to mirror them to a different public registry.
viceice commented 2025-12-08 12:51:42 +00:00
Copy link

this now needs higher priority because bitnami stops publishing public Images

https://github.com/bitnami/charts/issues/35164

this now needs higher priority because bitnami stops publishing public Images https://github.com/bitnami/charts/issues/35164
earl-warren commented 2025-12-08 12:51:42 +00:00
Copy link
git --no-pager grep -nH -i 'bitnami' | grep -v '#'
flux/apps/charts/static-site/templates/deployment.yaml:23:          image: public.ecr.aws/bitnami/git:2.50.1
flux/apps/charts/static-site/templates/deployment.yaml:38:          image: public.ecr.aws/bitnami/nginx:1.26
flux/apps/forgejo-code/ddos.yaml:53:          image: public.ecr.aws/bitnami/nginx:1.26
flux/apps/forgejo-code/ddos.yaml:65:          image: public.ecr.aws/bitnami/nginx:1.26
flux/apps/monitoring/kube-prometheus.yaml:15:        name: bitnami-charts
flux/infrastructure/controllers/cert-manager.yaml:18:        name: bitnami-charts
flux/infrastructure/repos/bitnami-charts.yaml:4:  name: bitnami-charts
flux/infrastructure/repos/bitnami-charts.yaml:9:  url: oci://ghcr.io/visualon/bitnamicharts
flux/infrastructure/repos/kustomization.yaml:7:  - bitnami-charts.yaml
renovate.json:13:      "matchPackageNames": ["code.forgejo.org/forgejo-helm/forgejo", "ghcr.io/traefik/helm/traefik", "**{,/}bitnamicharts/*"],
``` git --no-pager grep -nH -i 'bitnami' | grep -v '#' flux/apps/charts/static-site/templates/deployment.yaml:23: image: public.ecr.aws/bitnami/git:2.50.1 flux/apps/charts/static-site/templates/deployment.yaml:38: image: public.ecr.aws/bitnami/nginx:1.26 flux/apps/forgejo-code/ddos.yaml:53: image: public.ecr.aws/bitnami/nginx:1.26 flux/apps/forgejo-code/ddos.yaml:65: image: public.ecr.aws/bitnami/nginx:1.26 flux/apps/monitoring/kube-prometheus.yaml:15: name: bitnami-charts flux/infrastructure/controllers/cert-manager.yaml:18: name: bitnami-charts flux/infrastructure/repos/bitnami-charts.yaml:4: name: bitnami-charts flux/infrastructure/repos/bitnami-charts.yaml:9: url: oci://ghcr.io/visualon/bitnamicharts flux/infrastructure/repos/kustomization.yaml:7: - bitnami-charts.yaml renovate.json:13: "matchPackageNames": ["code.forgejo.org/forgejo-helm/forgejo", "ghcr.io/traefik/helm/traefik", "**{,/}bitnamicharts/*"], ```
earl-warren commented 2025-12-08 12:51:43 +00:00
Copy link

Added a link to https://code.forgejo.org/forgejo/oci-mirror/pulls/30 for cross reference purposes.

Added a link to https://code.forgejo.org/forgejo/oci-mirror/pulls/30 for cross reference purposes.
viceice commented 2025-12-08 12:51:43 +00:00
Copy link

Ok, we need to move to official cert-manager chart, because the bitnami chart uses v1.18.2 which has vulnerabillities.
Will do while migrating my own.

https://github.com/cert-manager/cert-manager/releases

Ok, we need to move to official cert-manager chart, because the bitnami chart uses v1.18.2 which has vulnerabillities. Will do while migrating my own. https://github.com/cert-manager/cert-manager/releases
viceice commented 2025-12-08 12:51:43 +00:00
Copy link
- 5730cbcda9c46d970cf9392e2b4f5c3dcac4357b - 01b6ed77e2d82835af28d58506543fac512b64c8
🚀 1
viceice commented 2025-12-08 12:51:44 +00:00
Copy link
- #847 - 8d3c79165a1edb222f6840912a8a551168eadcc4 - be577abf3ff2816abf11834f63ce01a8a44f091a
❤️ 1
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
renovate/ghcr.io-visualon-roundcube-1.6.11
renovate/ghcr.io-visualon-nginx-1.28.0
renovate/bitnami-valkey-9.0.0
renovate/bitnami-kubectl-1.34.2
renovate/ghcr.io-traefik-traefik-3.x
feat/v7-anubis-policy
No results found.
Labels
Clear labels   
bug

Something is not working

  
cleanup

   
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
forgefriends

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  
help wanted

Need some help

  
hetzner

Hetzner related problems and work items.

  
invalid

Something is wrong

  
label workflow

a workflow is associated with this issue and will trigger when labels are updated

  
need more info

   
question

More information is needed

  
refactor

No functional change, reorganization

  
static-site

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  
sync

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/build.yml

  
wontfix

This won't be fixed

No labels
bug
cleanup
duplicate
enhancement
forgefriends
help wanted
hetzner
invalid
label workflow
need more info
question
refactor
static-site
sync
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
infrastructure/k8s-cluster#26
No description provided.