Description
The Sealed Secrets controller's official image is hosted in the Bitnami repository in DockerHub. At the same time, Bitnami produces its own controller and kubeseal image within the same repository. We understand this might create unnecessary confusion among Sealed Secrets users, so we have decided to consolidate both images into a single one.
What will we do?
Bitnami updates its images upon detecting new vulnerabilities. Additionally, these images are also packaged using a very compact scratch base image and compiled using golang best practices regarding code optimization. These features make Bitnami images a better option than their upstream counterparts. Our plan is to delegate the image generation process to the Bitnami team, while the Sealed Secrets team focuses on the generation of the kubeseal binaries.
In turn, the Bitnami team will refactor its current asset (bitnami/sealed-secrets) into two standalone images: (bitnami/sealed-secrets-controller and bitnami/sealed-secrets-kubeseal).
How is this going to affect Sealed Secrets Users?
This modification is an internal change in the pipeline to produce & keep up-to-date the Sealed Secrets images. For that reason, the change should be seamless for any Sealed Secrets user. Existing and new Sealed Secrets releases will continue to be available in the project’s Releases section and the official Sealed Secrets container name in DockerHub (bitnami/sealed-secrets-controller) will remain unchanged.
When will the change take effect?
These changes were already implemented during Sealed Secrets January 2024 release.