Resolving Bitnami legacy repository verification error

Following Bitnami’s recent announcement about its public catalog, your application may adopt the Bitnami Legacy repository as a temporary workaround. This involves changing image repositories from bitnami to bitnamilegacy and pinning the chart versions to maintain compatibility with existing infrastructure.

However, this simple change can cause unexpected deployment failures in a Replicated application.

When you use Check for update in the KOTS Admin Console, your application update may fail with an error similar to this:

failed to pull: failed to write rendered: failed to write helm rendered: failed to template helm chart for rendered dir: failed to run helm install: execution error at (fake-service/charts/grafana/templates/NOTES.txt:38:4): ⚠ ERROR: Original containers have been substituted for unrecognized ones. Deploying this chart with non-standard containers is likely to cause degraded security and performance, broken chart features, and missing environment variables. Unrecognized images: - docker.io/bitnamilegacy/grafana:11.3.0-debian-12-r3 If you are sure you want to proceed with non-standard containers, you can skip container image verification by setting the global parameter 'global.security.allowInsecureImages' to true. Further information can be obtained at https://github.com/bitnami/charts/issues/30850

Bitnami Helm charts include built-in template validation that verifies container images match the pattern docker.io/bitnami/*.

This validation check prevents both helm template and helm install from executing successfully, regardless of whether you’re using:

  • Bitnami Legacy images (docker.io/bitnamilegacy/*)

  • Air-gapped install private registry (<ip>/<app-slug>/*)

  • Any other non-standard image location, e.g. public.ecr.aws/bitnami

To resolve this issue, follow Bitnami’s suggestion and add the parameter below to your Helm chart values:

global:
  security:
    allowInsecureImages: true

With the KOTS HelmChart resource:

apiVersion: kots.io/v1beta2
kind: HelmChart
metadata:
  name: <your-chart>
spec:
  chart:
    name: <your-chart>
    chartVersion: 0.0.1
  values:
    global:
      security:
        allowInsecureImages: true
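
Setting allowInsecureImages to true skips the chart's container image verification, so the rendered manifests can be checked against your own registry allowlist instead. The script below is an added example, not part of Bitnami's charts or KOTS; the allowlist prefixes, the registry.example.internal placeholder, the function names and the sample manifest are assumptions constructed for illustration.

```bash
# Added example: audit rendered manifests for images outside an allowlist (assumed values).
ALLOWED_PREFIXES="docker.io/bitnamilegacy/ registry.example.internal/my-app/"

# Constructed sample standing in for `helm template` output.
sample_manifest() {
  cat <<'EOF'
    - name: grafana
      image: docker.io/bitnamilegacy/grafana:11.3.0-debian-12-r3
      imagePullPolicy: IfNotPresent
    - name: sidecar
      image: "bitnamilegacy/example-sidecar:1.0.0"  # short form, implies docker.io
    - name: extra
      image: quay.io/example/unknown:latest
EOF
}

# Extract the value of every `image:` key from manifests on stdin.
list_images() {
  sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' | tr -d "\"'" |
    sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' -e '/^$/d' | sort -u
}

# Expand short references as Docker does (docker.io is the default registry).
normalize_image() {
  case "$1" in
    */*) case "${1%%/*}" in
           *.*|*:*|localhost) printf '%s\n' "$1" ;;
           *) printf 'docker.io/%s\n' "$1" ;;
         esac ;;
    *) printf 'docker.io/library/%s\n' "$1" ;;
  esac
}

# Print each image outside the allowlist; exit status 1 if any was found.
audit_images() (
  bad=0
  for img in $(list_images); do
    ref=$(normalize_image "$img"); ok=0
    for prefix in $ALLOWED_PREFIXES; do
      case "$ref" in "$prefix"*) ok=1 ;; esac
    done
    [ "$ok" -eq 1 ] || { echo "UNEXPECTED: $ref"; bad=1; }
  done
  exit "$bad"   # body runs in a subshell, so this only ends the function
)

# Real use: helm template <release> <chart> -f values.yaml | audit_images
sample_manifest | audit_images || echo "audit failed: unexpected images found"
```

For an air-gapped install, replace the placeholder prefix with the private registry path the images are pushed to.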