diff --git a/bitnami/fluentd/CHANGELOG.md b/bitnami/fluentd/CHANGELOG.md
index c7216e04553d31..ddff385a511711 100644
--- a/bitnami/fluentd/CHANGELOG.md
+++ b/bitnami/fluentd/CHANGELOG.md
@@ -1,8 +1,13 @@
# Changelog
-## 7.0.3 (2024-11-29)
+## 7.1.0 (2024-12-10)
-* [bitnami/fluentd] Release 7.0.3 ([#30679](https://github.com/bitnami/charts/pull/30679))
+* [bitnami/fluentd] Detect non-standard images ([#30877](https://github.com/bitnami/charts/pull/30877))
+
+## 7.0.3 (2024-11-29)
+
+* [bitnami/*] docs: :memo: Add "Prometheus metrics" (batch 2) (#30662) ([50e0570](https://github.com/bitnami/charts/commit/50e0570f98ab15308af7910b405baa4480e5fe3f)), closes [#30662](https://github.com/bitnami/charts/issues/30662)
+* [bitnami/fluentd] Release 7.0.3 (#30679) ([a427241](https://github.com/bitnami/charts/commit/a4272412d4d43d8921beda27403b38990b0dd95a)), closes [#30679](https://github.com/bitnami/charts/issues/30679)
## 7.0.2 (2024-11-09)
diff --git a/bitnami/fluentd/Chart.lock b/bitnami/fluentd/Chart.lock
index be1e69bee946aa..b79117586f60b2 100644
--- a/bitnami/fluentd/Chart.lock
+++ b/bitnami/fluentd/Chart.lock
@@ -1,6 +1,6 @@
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
- version: 2.27.2
-digest: sha256:6fd86cc5a4b5094abca1f23c8ec064e75e51eceaded94a5e20977274b2abb576
-generated: "2024-11-29T07:48:53.698024027Z"
+ version: 2.28.0
+digest: sha256:5b30f0fa07bb89b01c55fd6258c8ce22a611b13623d4ad83e8fdd1d4490adc74
+generated: "2024-12-10T16:59:12.663224+01:00"
diff --git a/bitnami/fluentd/Chart.yaml b/bitnami/fluentd/Chart.yaml
index 150f290f1f499f..5dcd21c9dcd8f2 100644
--- a/bitnami/fluentd/Chart.yaml
+++ b/bitnami/fluentd/Chart.yaml
@@ -30,4 +30,4 @@ maintainers:
name: fluentd
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/fluentd
-version: 7.0.3
+version: 7.1.0
diff --git a/bitnami/fluentd/README.md b/bitnami/fluentd/README.md
index 0bcce2ad804be8..3e3673bf2b63b0 100644
--- a/bitnami/fluentd/README.md
+++ b/bitnami/fluentd/README.md
@@ -229,13 +229,14 @@ TLS for the Fluentd can be enabled by setting `tls.enabled=true`. The chart allo
### Global parameters
-| Name | Description | Value |
-| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
-| `global.imageRegistry` | Global Docker image registry | `""` |
-| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
-| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
-| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
-| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
+| Name | Description | Value |
+| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `global.imageRegistry` | Global Docker image registry | `""` |
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
+| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
+| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
+| `global.security.allowInsecureImages` | Allows skipping image verification | `false` |
+| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
### Common parameters
@@ -558,6 +559,10 @@ Find more information about how to deal with common errors related to Bitnami's
## Upgrading
+### To 7.1.0
+
+This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
+
### To 7.0.0
Starting version 7.0.0, using different images for aggregator and forwarder is no longer supported.
diff --git a/bitnami/fluentd/templates/NOTES.txt b/bitnami/fluentd/templates/NOTES.txt
index eb26cb54e534c8..8646f759b8137a 100644
--- a/bitnami/fluentd/templates/NOTES.txt
+++ b/bitnami/fluentd/templates/NOTES.txt
@@ -57,3 +57,4 @@ In order to replicate the container startup scripts execute this command:
{{- include "fluentd.checkRollingTags" . -}}
{{- include "common.warnings.resources" (dict "sections" (list "aggregator" "forwarder") "context" $) }}
{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image) "context" $) }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.image) "context" $) }}
diff --git a/bitnami/fluentd/values.yaml b/bitnami/fluentd/values.yaml
index 2f5ab4bd1f3659..b206c273243cb2 100644
--- a/bitnami/fluentd/values.yaml
+++ b/bitnami/fluentd/values.yaml
@@ -20,6 +20,11 @@ global:
imagePullSecrets: []
defaultStorageClass: ""
storageClass: ""
+ ## Security parameters
+ ##
+ security:
+ ## @param global.security.allowInsecureImages Allows skipping image verification
+ allowInsecureImages: false
## Compatibility adaptations for Kubernetes platforms
##
compatibility: