Skip to content

PTCI-3293: Fixing vulns update etcd to Bitnami 3.6.4-debian-12-r4 (legacy) #569

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
vbuddhavarapu-infoblox wants to merge 2 commits into
base: main
Choose a base branch
from
Open

PTCI-3293: Fixing vulns update etcd to Bitnami 3.6.4-debian-12-r4 (legacy) #569

vbuddhavarapu-infoblox wants to merge 2 commits into from
+7 −7

Conversation

@vbuddhavarapu-infoblox
Copy link
Contributor

@vbuddhavarapu-infoblox vbuddhavarapu-infoblox commented Jan 7, 2026
edited
Loading

  • Updated values.yaml: docker.io/bitnami/etcd:3.6.4-debian-12-r4
  • Updated values-production.yaml: docker.io/bitnami/etcd:3.6.4-debian-12-r4
  • Updated Chart.lock with helm dependency update

Note: Bitnami has removed most public bitnami/* images from Docker Hub,
including bitnami/etcd.
Using legacy images that are still available on Docker Hub.

Vulnerabilities scan results -
before changes
Critical - 17
High - 73
Total - 90

After changes
Critical - 0
High - 32
Total - 32

Total 52 vulns got reduced

@vbuddhavarapu-infoblox
PTCI-3293: Switch from Bitnami etcd to CoreOS first-party etcd image
c9f2176 
- Updated etcd image from docker.io/bitnami/etcd to quay.io/coreos/etcd:v3.6.7
- Updated both values.yaml (3.5.25-debian-12-r0 -> v3.6.7) and values-production.yaml (3.4.14-debian-10-r0 -> v3.6.7)
- Updated comments to reference CoreOS etcd repository
- Refreshed Chart.lock with helm dependency update
- Addresses reviewer feedback to use first-party etcd image
@vbuddhavarapu-infoblox vbuddhavarapu-infoblox requested a review from a team as a code owner January 7, 2026 10:17
@vbuddhavarapu-infoblox vbuddhavarapu-infoblox requested review from Calebjh and kd7lxl and removed request for Calebjh January 7, 2026 10:22
@vbuddhavarapu-infoblox vbuddhavarapu-infoblox changed the title PTCI-3293: Switch from Bitnami etcd to CoreOS first-party etcd image PTCI-3293: Update etcd to Bitnami 3.6.4-debian-12-r4 (legacy) Jan 7, 2026
@vbuddhavarapu-infoblox vbuddhavarapu-infoblox changed the title PTCI-3293: Update etcd to Bitnami 3.6.4-debian-12-r4 (legacy) PTCI-3293: Fixing vulns update etcd to Bitnami 3.6.4-debian-12-r4 (legacy) Jan 7, 2026
kd7lxl
kd7lxl reviewed Jan 7, 2026
View reviewed changes
Copy link
Contributor

@kd7lxl kd7lxl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This differs from what you said you were going to do: #568 (comment)

@vbuddhavarapu-infoblox
PTCI-3293: Update etcd to Bitnami 3.6.4-debian-12-r4 (legacy)
34f2722 
- Updated values.yaml: docker.io/bitnami/etcd:3.6.4-debian-12-r4
- Updated values-production.yaml: docker.io/bitnami/etcd:3.6.4-debian-12-r4
- Updated Chart.lock with helm dependency update

Note: Bitnami has removed most public bitnami/* images from Docker Hub,
including bitnami/etcd.
Using legacy images that are still available on Docker Hub.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kd7lxl kd7lxl kd7lxl left review comments

@ddhondaley ddhondaley ddhondaley approved these changes

@Calebjh Calebjh Awaiting requested review from Calebjh

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@vbuddhavarapu-infoblox @kd7lxl @ddhondaley