[bitnami/tomcat] Detect non-standard images (#30949)

* [bitnami/tomcat] Detect non-standard images Signed-off-by: Carlos Rodríguez Hernández <[email protected]> * Modify NOTES.txt Signed-off-by: Carlos Rodríguez Hernández <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <[email protected]> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <[email protected]> --------- Signed-off-by: Carlos Rodríguez Hernández <[email protected]> Signed-off-by: Bitnami Containers <[email protected]> Co-authored-by: Bitnami Containers <[email protected]>
bitnami · Dec 10, 2024 · 936a5de · 936a5de
1 parent bb3402c
commit 936a5de
Show file tree

Hide file tree

Showing 6 changed files with 25 additions and 7 deletions.
diff --git a/bitnami/tomcat/CHANGELOG.md b/bitnami/tomcat/CHANGELOG.md
@@ -1,8 +1,15 @@
 # Changelog
 
-## 11.3.3 (2024-12-10)
+## 11.4.0 (2024-12-10)
 
-* [bitnami/tomcat] Release 11.3.3 ([#30847](https://github.com/bitnami/charts/pull/30847))
+* [bitnami/tomcat] Detect non-standard images ([#30949](https://github.com/bitnami/charts/pull/30949))
+
+## <small>11.3.3 (2024-12-10)</small>
+
+* [bitnami/*] docs: :memo: Add "Backup & Restore" section (#30711) ([35ab536](https://github.com/bitnami/charts/commit/35ab5363741e7548f4076f04da6e62d10153c60c)), closes [#30711](https://github.com/bitnami/charts/issues/30711)
+* [bitnami/*] docs: :memo: Add "Prometheus metrics" (batch 6) (#30675) ([7b9cd04](https://github.com/bitnami/charts/commit/7b9cd04c2ffc730a0d62da787f2d4967c0ede47c)), closes [#30675](https://github.com/bitnami/charts/issues/30675)
+* [bitnami/*] docs: :memo: Add "Update Credentials" (batch 3) (#30688) ([10a49f9](https://github.com/bitnami/charts/commit/10a49f9ff2db1d9d11a6edd1c40a9f61803241bc)), closes [#30688](https://github.com/bitnami/charts/issues/30688)
+* [bitnami/tomcat] Release 11.3.3 (#30847) ([dccf562](https://github.com/bitnami/charts/commit/dccf562c26e63a321f60903fa46eac3ff59c2e94)), closes [#30847](https://github.com/bitnami/charts/issues/30847)
 
 ## <small>11.3.2 (2024-11-20)</small>
 

diff --git a/bitnami/tomcat/Chart.lock b/bitnami/tomcat/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: common
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 2.27.2
-digest: sha256:6fd86cc5a4b5094abca1f23c8ec064e75e51eceaded94a5e20977274b2abb576
-generated: "2024-12-10T03:20:07.728885862Z"
+  version: 2.28.0
+digest: sha256:5b30f0fa07bb89b01c55fd6258c8ce22a611b13623d4ad83e8fdd1d4490adc74
+generated: "2024-12-10T17:31:46.408395+01:00"
diff --git a/bitnami/tomcat/Chart.yaml b/bitnami/tomcat/Chart.yaml
@@ -35,4 +35,4 @@ maintainers:
 name: tomcat
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/tomcat
-version: 11.3.3
+version: 11.4.0
diff --git a/bitnami/tomcat/README.md b/bitnami/tomcat/README.md
@@ -181,6 +181,7 @@ You can enable this init container by setting `volumePermissions.enabled` to `tr
 | `global.imagePullSecrets`                             | Global Docker registry secret names as an array                                                                                                                                                                                                                                                                                                                     | `[]`       |
 | `global.defaultStorageClass`                          | Global default StorageClass for Persistent Volume(s)                                                                                                                                                                                                                                                                                                                | `""`       |
 | `global.storageClass`                                 | DEPRECATED: use global.defaultStorageClass instead                                                                                                                                                                                                                                                                                                                  | `""`       |
+| `global.security.allowInsecureImages`                 | Allows skipping image verification                                                                                                                                                                                                                                                                                                                                  | `false`    |
 | `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` |
 
 ### Common parameters
@@ -423,6 +424,10 @@ Find more information about how to deal with common errors related to Bitnami's
 
 ## Upgrading
 
+### To 11.4.0
+
+This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
+
 ### To 11.0.0
 
 This major bump changes the following security defaults:

diff --git a/bitnami/tomcat/templates/NOTES.txt b/bitnami/tomcat/templates/NOTES.txt
@@ -51,4 +51,5 @@ Did you know there are enterprise versions of the Bitnami catalog? For enhanced
 
 {{- include "tomcat.checkRollingTags" . }}
 {{- include "common.warnings.resources" (dict "sections" (list "metrics.jmx" "" "volumePermissions") "context" $) }}
-{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.jmx.image) "context" $) }}
+{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.jmx.image) "context" $) }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.jmx.image) "context" $) }}
diff --git a/bitnami/tomcat/values.yaml b/bitnami/tomcat/values.yaml
@@ -21,6 +21,11 @@ global:
   imagePullSecrets: []
   defaultStorageClass: ""
   storageClass: ""
+  ## Security parameters
+  ##
+  security:
+    ## @param global.security.allowInsecureImages Allows skipping image verification
+    allowInsecureImages: false
   ## Compatibility adaptations for Kubernetes platforms
   ##
   compatibility: