chore: use upstream images by codyshoffner · Pull Request #112 · uds-packages/valkey

codyshoffner · 2025-10-16T20:35:56Z

Description

Swap away from bitnami images for the valkey & valkey sentinel deployments.
The Valkey Sentinel docker image has been removed, but valkey sentinel can be deployed from the standard valkey image.
I would love feedback on this draft, primarily as it pertains to the values/values.yaml. I do not love the new implementation. There is not an upstream helm chart that supports sentinel, except for the bitnami one that is currently being used.
In the values/values.yaml, I had to figure out how the bitnami startup scripts would create a sentinel.conf, then recreate it myself. I am open to suggestions on how this could better be implemented.
Unfortunately, I had to continue using bitnamilegacy for the redis-exporter image, as bitnami has a hardcoded bash wrapper for the exporter, which only get's enabled whenever you enable sentinel. There are no upstream redis-exporter images that support a bash terminal.

Related Issue

Fixes #

Relates to #

Type of change

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Other (security config, docs update, etc)

Checklist before merging

Test, docs, adr added or updated as needed
Contributor Guide Steps followed

github-actions · 2025-10-16T20:37:16Z

No comparable image found, assuming new image

bitnamilegacy/redis-exporter `1.76.0-debian-12-r0` -> `1.76.0-debian-12-r0`

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 96

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL

Existing vulnerabilities

ID	SEVERITY	URL
CVE-2023-31484	high	https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2023-31484	high	https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2023-31484	high	https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6297	high	https://security-tracker.debian.org/tracker/CVE-2025-6297
CVE-2025-4802	high	https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-9230	high	https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2025-4802	high	https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2023-31484	high	https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-9230	high	https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-40909	medium	https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-9232	medium	https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-8058	medium	https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-9232	medium	https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-30258	medium	https://security-tracker.debian.org/tracker/CVE-2025-30258
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-47910	medium	https://nvd.nist.gov/vuln/detail/CVE-2025-47910
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-40909	medium	https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2025-40909	medium	https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-8058	medium	https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2025-40909	medium	https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2023-4016	low	https://security-tracker.debian.org/tracker/CVE-2023-4016
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2016-2781	low	https://security-tracker.debian.org/tracker/CVE-2016-2781
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2023-4016	low	https://security-tracker.debian.org/tracker/CVE-2023-4016
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-27587	none	https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2018-6829	none	https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2005-2541	none	https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-3219	none	https://security-tracker.debian.org/tracker/CVE-2022-3219
CVE-2023-31486	none	https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2025-27587	none	https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2023-31486	none	https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2025-5278	none	https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2023-31486	none	https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2024-2236	none	https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2023-31486	none	https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2011-3389	none	https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2017-18018	none	https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022

No comparable image found, assuming new image

valkey/valkey `8.1.3` -> `8.1.3`

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 83

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL

Existing vulnerabilities

ID	SEVERITY	URL
CVE-2025-46817	critical	https://nvd.nist.gov/vuln/detail/CVE-2025-46817
CVE-2025-49844	critical	https://nvd.nist.gov/vuln/detail/CVE-2025-49844
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-46819	high	https://nvd.nist.gov/vuln/detail/CVE-2025-46819
CVE-2023-31484	high	https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-4802	high	https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-4802	high	https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020	high	https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-46818	high	https://nvd.nist.gov/vuln/detail/CVE-2025-46818
CVE-2025-6297	high	https://security-tracker.debian.org/tracker/CVE-2025-6297
CVE-2025-9230	high	https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-8058	medium	https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2023-50495	medium	https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-9232	medium	https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-30258	medium	https://security-tracker.debian.org/tracker/CVE-2025-30258
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041	medium	https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-40909	medium	https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2025-8058	medium	https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365	medium	https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-49112	low	https://nvd.nist.gov/vuln/detail/CVE-2025-49112
CVE-2025-6141	low	https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2024-56433	low	https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2016-2781	low	https://security-tracker.debian.org/tracker/CVE-2016-2781
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2024-2236	none	https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2017-18018	none	https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2022-3219	none	https://security-tracker.debian.org/tracker/CVE-2022-3219
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2019-1010023	none	https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2018-6829	none	https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2023-31486	none	https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2025-5278	none	https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2019-1010022	none	https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2010-4756	none	https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2022-27943	none	https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2023-31438	none	https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2011-3389	none	https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2013-4392	none	https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2005-2541	none	https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2007-5686	none	https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2023-31437	none	https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2023-31439	none	https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2011-3374	none	https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2019-1010024	none	https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2011-4116	none	https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2018-20796	none	https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2019-9192	none	https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2019-1010025	none	https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2025-27587	none	https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2022-0563	none	https://security-tracker.debian.org/tracker/CVE-2022-0563

quay.io/rfcurated/redis-exporter `1.74.0-jammy-scratch-bnt-fips-rfcurated` -> `1.76.0-jammy-scratch-bnt-fips-rfcurated`

New vulnerabilities: 1
Fixed vulnerabilities: 2
Existing vulnerabilities: 0

New vulnerabilities

ID	SEVERITY	URL
CVE-2022-4899	low	https://ubuntu.com/security/CVE-2022-4899

Fixed vulnerabilities

ID	SEVERITY	URL
CVE-2025-47907	high	https://nvd.nist.gov/vuln/detail/CVE-2025-47907
CVE-2025-47906	medium	https://nvd.nist.gov/vuln/detail/CVE-2025-47906

Existing vulnerabilities

ID	SEVERITY	URL

quay.io/rfcurated/valkey/valkey `8.1.3-jammy-fips-rfcurated` -> `8.1.3-jammy-fips-rfcurated`

New vulnerabilities: 0
Fixed vulnerabilities: 4
Existing vulnerabilities: 5

New vulnerabilities

ID	SEVERITY	URL

Fixed vulnerabilities

ID	SEVERITY	URL
CVE-2025-9230	medium	https://ubuntu.com/security/CVE-2025-9230
CVE-2025-45582	medium	https://ubuntu.com/security/CVE-2025-45582
CVE-2024-41996	low	https://ubuntu.com/security/CVE-2024-41996
CVE-2025-27587	low	https://ubuntu.com/security/CVE-2025-27587

Existing vulnerabilities

ID	SEVERITY	URL
CVE-2025-46817	critical	https://nvd.nist.gov/vuln/detail/CVE-2025-46817
CVE-2025-49844	critical	https://nvd.nist.gov/vuln/detail/CVE-2025-49844
CVE-2025-46819	high	https://nvd.nist.gov/vuln/detail/CVE-2025-46819
CVE-2025-46818	high	https://nvd.nist.gov/vuln/detail/CVE-2025-46818
CVE-2025-49112	low	https://nvd.nist.gov/vuln/detail/CVE-2025-49112

codyshoffner added 3 commits October 16, 2025 15:24

chore: bump common

781d2f1

chore: update the valkey images to upstream, instead of bitnami

73c1305

test: update test jobs for valkey images

f2ae8b8

codyshoffner added 4 commits October 16, 2025 15:43

chore: bump common

b26122b

chore: mount valkey-sentinel secret, pass to configuration file

cef633d

chore: fix image versioning

f0cfa9c

chore: update testing timeouts

4518415

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: use upstream images#112

chore: use upstream images#112
codyshoffner wants to merge 7 commits intomainfrom
chore/use-upstream-images

codyshoffner commented Oct 16, 2025 •

edited

Loading

Uh oh!

github-actions bot commented Oct 16, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

codyshoffner commented Oct 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Related Issue

Type of change

Checklist before merging

Uh oh!

github-actions bot commented Oct 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

No comparable image found, assuming new image

bitnamilegacy/redis-exporter 1.76.0-debian-12-r0 -> 1.76.0-debian-12-r0

No comparable image found, assuming new image

valkey/valkey 8.1.3 -> 8.1.3

quay.io/rfcurated/redis-exporter 1.74.0-jammy-scratch-bnt-fips-rfcurated -> 1.76.0-jammy-scratch-bnt-fips-rfcurated

quay.io/rfcurated/valkey/valkey 8.1.3-jammy-fips-rfcurated -> 8.1.3-jammy-fips-rfcurated

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

codyshoffner commented Oct 16, 2025 •

edited

Loading

github-actions bot commented Oct 16, 2025 •

edited

Loading

bitnamilegacy/redis-exporter `1.76.0-debian-12-r0` -> `1.76.0-debian-12-r0`

valkey/valkey `8.1.3` -> `8.1.3`

quay.io/rfcurated/redis-exporter `1.74.0-jammy-scratch-bnt-fips-rfcurated` -> `1.76.0-jammy-scratch-bnt-fips-rfcurated`

quay.io/rfcurated/valkey/valkey `8.1.3-jammy-fips-rfcurated` -> `8.1.3-jammy-fips-rfcurated`