Response To CVE-2019-25210
Thu, Mar 14, 2024
CVE-2019-25210 was recently filed against the Helm project. This action was completed without engaging the Helm project and working through the documented security process and team. The Helm project was given no notice before the disclosure was released which resulted in the inability to provide an appropriate statement beforehand. This post serves as the response from the Helm project. Not A Vulnerability In Helm The Helm project rejects this disclosure’s assertion of a vulnerability within Helm. Read More…
Helm 3.13
Fri, Sep 29, 2023
Helm 3.13 brings some significant and useful changes for Helm users. This ranges from longtime bugs being fixed to some new features that can have an impact on performance. Dry-run & Template Can Connect To Servers The dry-run feature on install and upgrade, and Helm template has not been able to communicate with Kubernetes servers. This is for security and because Helm template was designed for template rendering alone. With Helm 3. Read More…
The Helm OCI MediaTypes
Mon, May 15, 2023
Helm introduced full support for storing charts within OCI registries as a distribution method beginning in version 3.8, and while this feature has been available for some time now, there is more underneath the hood than one may realize to make this capability all possible. A number of concepts, working in unison, make it possible to store content aside from traditional container images within OCI registries. This article will explore one of these important concepts, Media Types, their purpose, and how Helm’s own set of Media Types make it possible to extend the storage of charts beyond standard chart repositories to OCI registries. Read More…
Helm Completes Fuzzing Security Audit
Fri, Mar 31, 2023
In the past year, the team at Ada Logics has worked on integrating continuous fuzzing into the Helm core project. This was an effort focused on improving the security posture of Helm and ensuring a continued good experience for Helm users. The fuzzing integration involved enrolling Helm in the OSS-Fuzz project and writing a set of fuzzers that further enriches the test coverage of Helm. In total, 38 fuzzers were written, and nine bugs were found (with eight fixed so far), demonstrating the work’s value for Helm both short term and long term. Read More…
Helm welcomes yxxhero as our newest helm-www repo maintainer
Mon, Nov 14, 2022
The Helm project is happy to welcome yxxhero as our newest maintainer for the helm-www repo!
Read More…Helm @ KubeCon + CloudNativeCon NA '22
Fri, Oct 14, 2022
The Helm maintainers are excited to be headed to KubeCon + CloudNativeCon NA '22 in Detroit, MI in a couple of weeks! As always, there will be a few different places you can find us!
Read More…Tools You Can Use To Manage Your Helm Releases Declaratively
Tue, Apr 19, 2022
We regularly get questions from people who want tools or methods to manage their Helm releases in an environment. This post provides some insight and direction to help people get started.
Read More…Storing Helm Charts in OCI Registries
Mon, Feb 28, 2022
With the release of Helm 3.8.0, Helm is able to store and work with charts in container registries, as an alternative to Helm repositories. This feature, which used to be an experimental feature, is now generally available.
Read More…Karen Chu Joins Helm Org Maintainers
Tue, Jan 11, 2022
The Helm organization is thrilled to introduce Karen Chu as the latest member of the Helm org maintainers. She will be the ninth committee member. Karen has been active in the Helm ecosystem since day one when Rimas, Jack, and I first started the project. She was instrumental in Helm's early branding, organized both of the Helm Summits, and leads Helm's community management team. You may also know her from her Helm-adjacent work as the co-creator of the Illustrated Children's Guide to Kubernetes series or her role as a CNCF ambassador. Read More…
Martin Hickey Joins Helm Org Maintainers
Thu, Jun 24, 2021
Meet Helm's newest org maintainer: Martin Hickey. Martin has been a longtime Helm project maintainer. He was instrumental in the development of Helm 3, and has been one of the most active maintainers on the project. He is also one of the creators of the Helm 2-to-3 migration plugin. This week, the Helm maintainers voted to elect Martin onto the Helm Org Maintainers board. In this new role, Martin will help shape not just Helm, but the many projects that are hosted together with Helm. Read More…