PREQUEL-2025-0109

Kubernetes Legacy Bitnami Repository Image PullsMedium

PREQUEL-2025-0109View on GitHub

KubernetesBitnamiContainer ImagesImage PullsDocker HubSecurity

Description

• Detects Kubernetes events where container images are being pulled from the unmaintaing /bitnamilegacy repository on Docker Hub.
• Monitors image pull operations specifically from docker.io/bitnamilegacy/* which is no longer maintained.
• Identifies usage of the deprecated Bitnami repository that requires immediate migration.
• Tracks container deployments using the legacy /bitnamilegacy path for urgent migration planning.

Cause

• Kubernetes pods being scheduled that require images from the unmaintained /bitnamilegacy repository.
• Application deployments still using legacy Bitnami Helm charts pointing to docker.io/bitnamilegacy/*.
• CI/CD pipelines configured to pull from the deprecated /bitnamilegacy repository path.
• Container orchestration systems with hardcoded references to docker.io/bitnamilegacy/*.
• Development teams unaware of the deprecated repository status continuing to use legacy paths.
• Infrastructure automation scripts with outdated Bitnami image references.

Mitigation

• Immediately audit all deployments using docker.io/bitnamilegacy/* image references.
• Replace /bitnamilegacy references with supported alternatives or equivalent images.
• Implement automated scanning to detect any remaining deprecated repository usage.

References

• https://github.com/bitnami/containers/issues/83267 - Upcoming changes to the Bitnami catalog (effective August 28th, 2025)
• https://hub.docker.com/u/bitnamisecure - Bitnami Secure Images
• https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/ - Bitnami Secure Images Enterprise