PREQUEL-2025-0110

Kubernetes Bitnami Secure Image Pull Events - Designed for Non-Prod Usage Only

Severity: Medium

Description

  • Detects Kubernetes events where Bitnami Secure container images are being pulled.
  • Monitors image pull operations for Bitnami Secure images which cannot be pinned to specific versions.
  • Identifies usage of Bitnami Secure images, which lack the version pinning needed for production stability.
  • Tracks container deployments using unpinnable Bitnami Secure images for compliance monitoring.

Cause

  • Kubernetes pods being scheduled that require Bitnami Secure container images without version pinning.
  • Application deployments using Bitnami Secure images that cannot specify exact versions.
  • CI/CD pipelines pulling Bitnami Secure images without the ability to lock to specific tags.
  • Container orchestration systems pulling floating tags from the bitnamisecure registry.
  • Development teams using Bitnami Secure images with only latest/rolling tags available.
  • Infrastructure automation unable to pin Bitnami Secure images to immutable versions.

Mitigation

  • Avoid Bitnami Secure images in production because their versions cannot be pinned.
  • Use alternative container registries that support semantic versioning and pinning.
  • Consider using image mirroring to create pinnable versions of required images.
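
The check described above, sketched as an added example (not the rule's own implementation): it scans Kubernetes event objects for kubelet image pulls, reports those under the bitnamisecure namespace, and records whether each reference is a floating tag or a digest. The events are constructed samples, and the function names, the `registry.example.internal` mirror host and the pod names are assumptions.

```python
import re

# Kubelet image-pull events have reason "Pulling" and message: Pulling image "<ref>"
PULL_MSG = re.compile(r'Pulling image "([^"]+)"')
NAMESPACE = "bitnamisecure"  # assumption: repository path component for these images

def parse_ref(ref):
    """Split an image reference into (repository, tag, digest)."""
    ref, _, digest = ref.partition("@")
    tag = None
    # Only a colon in the last path segment is a tag; earlier ones are registry ports.
    if ":" in ref.rsplit("/", 1)[-1]:
        ref, tag = ref.rsplit(":", 1)
    return ref, tag, digest or None

def find_bitnami_secure_pulls(events):
    """Return one finding per pull event for an image under NAMESPACE."""
    findings = []
    for ev in events:
        match = PULL_MSG.search(ev.get("message", ""))
        if ev.get("reason") != "Pulling" or not match:
            continue
        repo, tag, digest = parse_ref(match.group(1))
        if NAMESPACE not in repo.split("/"):
            continue
        obj = ev.get("involvedObject", {})
        findings.append({
            "pod": f"{obj.get('namespace')}/{obj.get('name')}",
            "image": match.group(1),
            # With neither tag nor digest, the runtime resolves the floating "latest" tag.
            "tag": tag or ("latest" if not digest else None),
            "digest_pinned": digest is not None,
        })
    return findings

def _ev(reason, message, ns, name):  # builds one constructed sample event
    return {"reason": reason, "message": message,
            "involvedObject": {"kind": "Pod", "namespace": ns, "name": name}}

# Constructed sample events (not real cluster output).
SAMPLE_EVENTS = [
    _ev("Pulling", 'Pulling image "docker.io/bitnamisecure/nginx:latest"', "web", "nginx-7d9c"),
    _ev("Pulled", 'Successfully pulled image "docker.io/bitnamisecure/nginx:latest"', "web", "nginx-7d9c"),
    _ev("Pulling", 'Pulling image "registry.example.internal:5000/mirror/redis:7.2.5"', "cache", "redis-0"),
    _ev("Pulling", 'Pulling image "bitnamisecure/postgresql"', "db", "pg-0"),
    _ev("Pulling", 'Pulling image "bitnamisecure/redis@sha256:' + "a" * 64 + '"', "cache", "redis-1"),
]

if __name__ == "__main__":
    for finding in find_bitnami_secure_pulls(SAMPLE_EVENTS):
        print(finding)
```

The mirrored image with a fixed tag is not reported, while the untagged `bitnamisecure/postgresql` reference is reported as `latest`.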

References