Skip to content

chore: use upstream images#112

Draft
codyshoffner wants to merge 7 commits intomainfrom
chore/use-upstream-images
Draft

chore: use upstream images#112
codyshoffner wants to merge 7 commits intomainfrom
chore/use-upstream-images

Conversation

@codyshoffner
Copy link
Contributor

@codyshoffner codyshoffner commented Oct 16, 2025

Description

  • Swap away from bitnami images for the valkey & valkey sentinel deployments.

  • The Valkey Sentinel docker image has been removed, but valkey sentinel can be deployed from the standard valkey image.

  • I would love feedback on this draft, primarily as it pertains to the values/values.yaml. I do not love the new implementation. There is not an upstream helm chart that supports sentinel, except for the bitnami one that is currently being used.
    In the values/values.yaml, I had to figure out how the bitnami startup scripts would create a sentinel.conf, then recreate it myself. I am open to suggestions on how this could better be implemented.

  • Unfortunately, I had to continue using bitnamilegacy for the redis-exporter image, as bitnami has a hardcoded bash wrapper for the exporter, which only get's enabled whenever you enable sentinel. There are no upstream redis-exporter images that support a bash terminal.

Related Issue

Fixes #

Relates to #

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@github-actions
Copy link
Contributor

github-actions bot commented Oct 16, 2025

No comparable image found, assuming new image

bitnamilegacy/redis-exporter 1.76.0-debian-12-r0 -> 1.76.0-debian-12-r0

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 96

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
Existing vulnerabilities
ID SEVERITY URL
CVE-2023-31484 high https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2023-31484 high https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2023-31484 high https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6297 high https://security-tracker.debian.org/tracker/CVE-2025-6297
CVE-2025-4802 high https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-9230 high https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2025-4802 high https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2023-31484 high https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-9230 high https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-40909 medium https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-9232 medium https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-8058 medium https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-9232 medium https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-30258 medium https://security-tracker.debian.org/tracker/CVE-2025-30258
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-47910 medium https://nvd.nist.gov/vuln/detail/CVE-2025-47910
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2025-40909 medium https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2025-40909 medium https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-8058 medium https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2025-40909 medium https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2023-4016 low https://security-tracker.debian.org/tracker/CVE-2023-4016
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2016-2781 low https://security-tracker.debian.org/tracker/CVE-2016-2781
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2023-4016 low https://security-tracker.debian.org/tracker/CVE-2023-4016
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2025-27587 none https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2018-6829 none https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2005-2541 none https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-3219 none https://security-tracker.debian.org/tracker/CVE-2022-3219
CVE-2023-31486 none https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2025-27587 none https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2023-31486 none https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2025-5278 none https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2023-31486 none https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2024-2236 none https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2023-31486 none https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2011-3389 none https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2017-18018 none https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022

No comparable image found, assuming new image

valkey/valkey 8.1.3 -> 8.1.3

New vulnerabilities: 0
Fixed vulnerabilities: 0
Existing vulnerabilities: 83

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
Existing vulnerabilities
ID SEVERITY URL
CVE-2025-46817 critical https://nvd.nist.gov/vuln/detail/CVE-2025-46817
CVE-2025-49844 critical https://nvd.nist.gov/vuln/detail/CVE-2025-49844
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-46819 high https://nvd.nist.gov/vuln/detail/CVE-2025-46819
CVE-2023-31484 high https://security-tracker.debian.org/tracker/CVE-2023-31484
CVE-2025-4802 high https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-4802 high https://security-tracker.debian.org/tracker/CVE-2025-4802
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-6020 high https://security-tracker.debian.org/tracker/CVE-2025-6020
CVE-2025-46818 high https://nvd.nist.gov/vuln/detail/CVE-2025-46818
CVE-2025-6297 high https://security-tracker.debian.org/tracker/CVE-2025-6297
CVE-2025-9230 high https://security-tracker.debian.org/tracker/CVE-2025-9230
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-8058 medium https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2023-50495 medium https://security-tracker.debian.org/tracker/CVE-2023-50495
CVE-2025-9232 medium https://security-tracker.debian.org/tracker/CVE-2025-9232
CVE-2025-30258 medium https://security-tracker.debian.org/tracker/CVE-2025-30258
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-10041 medium https://security-tracker.debian.org/tracker/CVE-2024-10041
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2025-40909 medium https://security-tracker.debian.org/tracker/CVE-2025-40909
CVE-2025-8058 medium https://security-tracker.debian.org/tracker/CVE-2025-8058
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-22365 medium https://security-tracker.debian.org/tracker/CVE-2024-22365
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2025-49112 low https://nvd.nist.gov/vuln/detail/CVE-2025-49112
CVE-2025-6141 low https://security-tracker.debian.org/tracker/CVE-2025-6141
CVE-2024-56433 low https://security-tracker.debian.org/tracker/CVE-2024-56433
CVE-2016-2781 low https://security-tracker.debian.org/tracker/CVE-2016-2781
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2024-2236 none https://security-tracker.debian.org/tracker/CVE-2024-2236
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2017-18018 none https://security-tracker.debian.org/tracker/CVE-2017-18018
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2022-3219 none https://security-tracker.debian.org/tracker/CVE-2022-3219
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2019-1010023 none https://security-tracker.debian.org/tracker/CVE-2019-1010023
CVE-2018-6829 none https://security-tracker.debian.org/tracker/CVE-2018-6829
CVE-2023-31486 none https://security-tracker.debian.org/tracker/CVE-2023-31486
CVE-2025-5278 none https://security-tracker.debian.org/tracker/CVE-2025-5278
CVE-2019-1010022 none https://security-tracker.debian.org/tracker/CVE-2019-1010022
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2010-4756 none https://security-tracker.debian.org/tracker/CVE-2010-4756
CVE-2022-27943 none https://security-tracker.debian.org/tracker/CVE-2022-27943
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2023-31438 none https://security-tracker.debian.org/tracker/CVE-2023-31438
CVE-2011-3389 none https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2013-4392 none https://security-tracker.debian.org/tracker/CVE-2013-4392
CVE-2005-2541 none https://security-tracker.debian.org/tracker/CVE-2005-2541
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2007-5686 none https://security-tracker.debian.org/tracker/CVE-2007-5686
CVE-2023-31437 none https://security-tracker.debian.org/tracker/CVE-2023-31437
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563
CVE-2023-31439 none https://security-tracker.debian.org/tracker/CVE-2023-31439
CVE-2011-3374 none https://security-tracker.debian.org/tracker/CVE-2011-3374
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2019-1010024 none https://security-tracker.debian.org/tracker/CVE-2019-1010024
CVE-2011-4116 none https://security-tracker.debian.org/tracker/CVE-2011-4116
CVE-2018-20796 none https://security-tracker.debian.org/tracker/CVE-2018-20796
CVE-2019-9192 none https://security-tracker.debian.org/tracker/CVE-2019-9192
CVE-2019-1010025 none https://security-tracker.debian.org/tracker/CVE-2019-1010025
CVE-2025-27587 none https://security-tracker.debian.org/tracker/CVE-2025-27587
CVE-2022-0563 none https://security-tracker.debian.org/tracker/CVE-2022-0563

quay.io/rfcurated/redis-exporter 1.74.0-jammy-scratch-bnt-fips-rfcurated -> 1.76.0-jammy-scratch-bnt-fips-rfcurated

New vulnerabilities: 1
Fixed vulnerabilities: 2
Existing vulnerabilities: 0

New vulnerabilities
ID SEVERITY URL
CVE-2022-4899 low https://ubuntu.com/security/CVE-2022-4899
Fixed vulnerabilities
ID SEVERITY URL
CVE-2025-47907 high https://nvd.nist.gov/vuln/detail/CVE-2025-47907
CVE-2025-47906 medium https://nvd.nist.gov/vuln/detail/CVE-2025-47906
Existing vulnerabilities
ID SEVERITY URL

quay.io/rfcurated/valkey/valkey 8.1.3-jammy-fips-rfcurated -> 8.1.3-jammy-fips-rfcurated

New vulnerabilities: 0
Fixed vulnerabilities: 4
Existing vulnerabilities: 5

New vulnerabilities
ID SEVERITY URL
Fixed vulnerabilities
ID SEVERITY URL
CVE-2025-9230 medium https://ubuntu.com/security/CVE-2025-9230
CVE-2025-45582 medium https://ubuntu.com/security/CVE-2025-45582
CVE-2024-41996 low https://ubuntu.com/security/CVE-2024-41996
CVE-2025-27587 low https://ubuntu.com/security/CVE-2025-27587
Existing vulnerabilities
ID SEVERITY URL
CVE-2025-46817 critical https://nvd.nist.gov/vuln/detail/CVE-2025-46817
CVE-2025-49844 critical https://nvd.nist.gov/vuln/detail/CVE-2025-49844
CVE-2025-46819 high https://nvd.nist.gov/vuln/detail/CVE-2025-46819
CVE-2025-46818 high https://nvd.nist.gov/vuln/detail/CVE-2025-46818
CVE-2025-49112 low https://nvd.nist.gov/vuln/detail/CVE-2025-49112

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant