Camunda 8 Helm Chart Update and the Future of Bitnami Sub-Charts

The recent migration of Bitnami’s public container images to a legacy, unmaintained repository has sent ripples through the Kubernetes ecosystem. Organizations that rely on bundled sub‑charts for essential services such as PostgreSQL, Elasticsearch, and Keycloak now face unpatched vulnerabilities and potential deployment failures. This change underscores the growing importance of image provenance and the need for enterprises to scrutinize third‑party dependencies, especially when those components form the backbone of critical business processes.

Camunda’s response is a carefully staged transition that balances continuity with modernization. Version 8.8 preserves existing deployments by pointing to the legacy repository while offering enterprise‑grade images hosted in Camunda’s private registry, ensuring immediate security remediation for customers willing to adopt them. The subsequent 8.9 release disables the infrastructure sub‑charts by default, nudging users toward external, managed services or dedicated operators like CloudNativePG and the Keycloak Operator. By 8.10, Camunda will have fully decoupled its Helm chart from Bitnami, delivering a cleaner separation of concerns that enhances upgrade reliability and operational clarity.

For practitioners, the roadmap translates into concrete actions: migrate to Camunda’s enterprise images for short‑term risk mitigation, evaluate managed cloud offerings or Kubernetes operators for long‑term infrastructure, and leverage Camunda’s migration guides to test external connections before production upgrades. This strategic shift not only safeguards against legacy image vulnerabilities but also aligns Camunda deployments with industry best practices for cloud‑native architecture, positioning users for smoother scaling, compliance, and future innovation.