Conversation
cwrau
requested review from
marvinWolff,
tasches and
teutonet-bot
as code owners
WalkthroughThe change updates the Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Possibly related PRs
Suggested reviewers
Poem
Note ⚡️ Unit Test Generation is now available in beta!Learn more here, or try it out under "Finishing Touches" below. 📜 Recent review detailsConfiguration used: CodeRabbit UI 📒 Files selected for processing (3)
✅ Files skipped from review due to trivial changes (3)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Pull Request Overview
This PR migrates the kubectl container image from Bitnami to Rancher while maintaining the same kubectl version (1.33.3). The change replaces the base image source but keeps the same Kubernetes CLI functionality.
- Migrates kubectl image repository from
bitnami/kubectltorancher/kubectl - Updates the corresponding image tag and SHA256 digest to match the new Rancher-based image
- Maintains kubectl version 1.33.3 for consistency
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
charts/base-cluster/values.yaml (1)
69-71: Confirm runtime-level compatibility after switching from Bitnami to Rancher kubectl image
rancher/kubectlis a much slimmer image thanbitnami/kubectland drops the Debian userspace you previously depended on (bash,tar,gzip, CA certificates, non-root user, etc.). Any Helm hooks, init-containers or CI/CD jobs that relied on those extras may now fail at runtime even though the tag & digest resolve correctly.Action items
- Double-check all templated usages of
global.kubectl.image(e.g., Helm post-install hooks, backup/restore jobs, drift-detection scripts) to ensure they do not assume the presence of utilities that no longer exist.- Verify multi-arch support (arm64/amd64) of the new digest to avoid surprises on heterogeneous clusters.
- Re-run an ad-hoc
kubectl version --clientinside the new image to confirm the binary is still ≥ the control-plane version you target.If any of the above fails, consider either:
tag: 1.33.3-debian-12-r1 # (Bitnami) retains full Debian toolsetor layering the required tools via an in-house scratch/Distroless image.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
charts/base-cluster/values.yaml(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: check licenses
- GitHub Check: lint helm chart (base-cluster)
- GitHub Check: wait-for-checks
cwrau
force-pushed
the
chore/base-cluster/migrate-kubectl-image-away-from-bitnami
branch
from
55e218f to
6554d88
Compare
cwrau
force-pushed
the
chore/base-cluster/migrate-kubectl-image-away-from-bitnami
branch
from
6554d88 to
d07e053
Compare
marvinWolff
approved these changes
Jul 29, 2025
cwrau
deleted the
chore/base-cluster/migrate-kubectl-image-away-from-bitnami
branch
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Jul 31, 2025
🤖 I have created a release *beep* *boop* --- ## [9.1.0](base-cluster-v9.0.0...base-cluster-v9.1.0) (2025-07-31) ### Features * **base-cluster:** use new networkPolicy template ([#1414](#1414)) ([e433c02](e433c02)) ### Bug Fixes * **base-cluster/kyverno:** migrate to new `validationFailureAction` syntax ([#1621](#1621)) ([c3f16be](c3f16be)) * **base-cluster/monitoring:** also create metrics for resources without suspend field ([#1634](#1634)) ([964b34c](964b34c)) * **base-cluster/monitoring:** oauth-proxy serviceMonitor labels ([#1625](#1625)) ([86c1981](86c1981)) * **base-cluster/monitoring:** pin image-renderer version to ensure it's compatible ([#1631](#1631)) ([685592c](685592c)) ### Miscellaneous Chores * **base-cluster/dependencies:** update helm release kube-prometheus-stack to v75.15.1 ([#1610](#1610)) ([256cb8e](256cb8e)) * **base-cluster/dependencies:** update helm release loki to v6.33.0 ([#1618](#1618)) ([7e6a8e8](7e6a8e8)) * **base-cluster/dns:** migrate external-dns away from bitnami ([#1601](#1601)) ([7af34d2](7af34d2)) * **base-cluster/monitoring:** adjust metrics syntax ([#1562](#1562)) ([ebc2d74](ebc2d74)) * **base-cluster/monitoring:** migrate metrics-server away from bitnami ([#1604](#1604)) ([6a755d9](6a755d9)) * **base-cluster:** migrate kubectl image away from bitnami ([#1606](#1606)) ([6fe2410](6fe2410)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Introduced a new networkPolicy template in the base-cluster. * **Bug Fixes** * Updated kyverno component to use the latest `validationFailureAction` syntax. * Added metrics for resources in monitoring that lack a suspend field. * Corrected labels in the oauth-proxy serviceMonitor within monitoring. * Pinned image-renderer version to ensure compatibility. * **Chores** * Upgraded helm releases for kube-prometheus-stack and loki. * Migrated external-dns, metrics-server, and kubectl images away from bitnami. * Adjusted metrics syntax in monitoring. * **Documentation** * Added changelog entry for version 9.1.0. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
This was referenced Sep 25, 2025
This was referenced Oct 9, 2025
This was referenced Nov 28, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit