op-scim-helm

bitnami helm chart changes

Open mlgualtieri opened this issue 5 months ago • 8 comments

Bitnami recently announced some changes to their helm charts effective August 28, 2025. op-scim-helm chart uses the bitnami/redis chart. Is an update planned to account for this change?

Bitnami announcement: https://github.com/bitnami/charts/issues/35164

mlgualtieri avatar Aug 14 '25 16:08 mlgualtieri

I invested some time in researching the best path forward this morning. Some options (not ranked in order of preference):

Swap to DragonflyDB

DragonflyDB is a drop-in replacement for Redis. Notably, it has a 1st-party helm chart. It is BSL.

Change image.repository to point to docker.io/bitnamisecure/redis

Continue to use the bitnami helm chart, but change image.repository to point to docker.io/bitnamisecure/redis. This drops 1PW's ability to choose the redis version, as only the :latest tag will be available in bitnamisecure. Good for running the latest software, but not good for reliability/determinism.

Change image.repository to point to public.ecr.aws/bitnami/redis

Continue to use the bitnami helm chart, but change image.repository to point to public.ecr.aws/bitnami/redis (which will continue to have updates for the time being). Realistically, this seems like a short-term workaround, as Broadcom will probably lock down public.ecr.aws/bitnami/* to have parity with docker.io/bitnami/*.

Change image.repository to point to docker.io/library/redis

Continue to use the bitnami helm chart, but change image.repository to point to docker.io/library/redis. This should work around their lockdown of docker.io/bitnami/redis. I don't know if docker.io/library/redis is compatible with docker.io/bitnami/redis yet.

Change image.repository to point to docker.io/bitnamilegacy/redis

Continue to use the bitnami helm chart, but change image.repository to point to docker.io/bitnamilegacy/redis. This is ok until redis puts out its next security release, and bitnami doesn't republish it.

wadells avatar Aug 21 '25 16:08 wadells

Hello 1Password-Team.

Can you tell us what your plans are to solve the bitnami-issues? @Scetch: Do you or your team provide an option to use default Redis Images with your helm-chart?

simonjcv avatar Sep 11 '25 09:09 simonjcv

Same issue

DanielQ-CV avatar Sep 11 '25 09:09 DanielQ-CV

It would be interesting to know which strategic way 1PW is going. We're facing the same question as @mlgualtieri. Since Broadcom is unfortunately no longer the most reliable partner, urgent action is required.

@wadells in production, the only legit path using bitnami would probably be to use bitnamisecure by going behind the paywall due to inserting coins.

rrocv avatar Sep 11 '25 14:09 rrocv

SCIM bridge is not deployable right now because the Bitnami redis:latest image is no longer available. Just tried deploying on GCP:

Back-off pulling image "docker.io/bitnami/redis:latest": ErrImagePull: rpc error: code = NotFound desc = failed to pull and unpack image "docker.io/bitnami/redis:latest": failed to resolve reference "docker.io/bitnami/redis:latest": docker.io/bitnami/redis:latest: not found: ImagePullBackOff

phosjlusky avatar Sep 29 '25 19:09 phosjlusky

We also faced the same issue with the OP helm chart today after a node restart.

avnes avatar Sep 30 '25 09:09 avnes

I found an interim workaround:

  • https://github.com/bitnami/containers/issues/83267 states that Bitnami has pushed their latest tags to a new repository called bitnamilegacy.
  • Update this Helm chart deployment to use the bitnamilegacy repo:
redis:
  image:
    registry: docker.io
    repository: bitnamilegacy/redis
    tag: latest
    pullPolicy: IfNotPresent

avnes avatar Sep 30 '25 10:09 avnes

It looks like the 2.11.10 chart release has fixed this issue. https://github.com/1Password/op-scim-helm/releases/tag/op-scim-bridge-2.11.10

mlgualtieri avatar Oct 06 '25 18:10 mlgualtieri
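
Added example, not part of the thread or of the op-scim-helm project: a small check that scans rendered manifests (for instance `helm template` output) for the image repositories discussed above and for floating `latest` tags. The function names and the sample manifest are constructed for illustration, and the per-repository notes paraphrase what commenters said in this thread.

```python
import re

# Concerns raised in the thread for each repository (commenters' statements, paraphrased).
REPO_NOTES = {
    "docker.io/bitnami/": "original Bitnami repository; pulls fail with NotFound",
    "docker.io/bitnamilegacy/": "legacy copy; not republished after future security releases",
    "docker.io/bitnamisecure/": "only the :latest tag is available",
    "public.ecr.aws/bitnami/": "short-term workaround; may be locked down later",
}

# Matches 'image: <ref>' on one line; a bare 'image:' mapping key (values.yaml style) is skipped.
IMAGE_LINE = re.compile(r'^[ \t]*(?:-[ \t]*)?image:[ \t]*["\']?([^"\'\s#]+)', re.M)

def normalize(ref):
    """Expand Docker Hub short names so 'bitnami/redis' becomes 'docker.io/bitnami/redis'."""
    first = ref.split("/", 1)[0]
    if "/" in ref and ("." in first or ":" in first or first == "localhost"):
        return ref  # already carries a registry host
    return "docker.io/" + (ref if "/" in ref else "library/" + ref)

def audit(manifest_text):
    """Return [(image, [findings])] for every image reference that raises a concern."""
    report = []
    for ref in IMAGE_LINE.findall(manifest_text):
        full = normalize(ref)
        findings = [note for prefix, note in REPO_NOTES.items() if full.startswith(prefix)]
        if "@sha256:" not in full:  # a digest pin is immutable, so the tag is irrelevant
            name_tag = full.rsplit("/", 1)[-1]
            tag = name_tag.split(":", 1)[1] if ":" in name_tag else "latest"
            if tag == "latest":
                findings.append("floating tag 'latest'; pin a version or digest")
        if findings:
            report.append((full, findings))
    return report

# Constructed sample standing in for rendered manifest output.
SAMPLE = """\
containers:
  - name: redis
    image: docker.io/bitnamilegacy/redis:latest
  - name: cache
    image: redis:7.4.1
  - name: old
    image: "bitnami/redis"
"""

if __name__ == "__main__":
    for image, findings in audit(SAMPLE):
        print(image, "->", "; ".join(findings))
```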