Hello, Sysdig team!
First of all, thank you for maintaining this repository and providing Helm charts for Sysdig.
Currently, Helm charts are distributed via a traditional Helm repository (index.yaml hosted on GitHub Pages), which requires users to add the repo with:
helm repo add sysdig https://charts.sysdig.com
helm repo update
However, modern Helm versions (>= 3.8) provide native support for OCI-based registries, which are now generally available and recommended for storing and distributing Helm charts.
It is easier and safer to deploy from an OCI repository, as it allows me to pin not only the chart version but also its SHA256 digest (and even verify signatures, if provided). This enables me to safely use automated synchronization in my GitOps solutions (Argo CD, Flux).
With traditional Helm chart repositories, on the other hand, there is always a potential risk of a MITM attack.
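Added example (not part of the original issue, and not Sysdig's or Helm's code): a sketch of why a pinned OCI digest resists tampering. The pinned value is the SHA256 of the manifest, and the manifest names the chart tarball by its own SHA256, so a re-pointed tag or a swapped blob fails verification. The chart bytes, manifest and helper names are constructed for illustration; only the chart layer media type is Helm's.

```python
import hashlib
import json

# Media type Helm uses for the chart tarball layer of an OCI artifact.
CHART_LAYER = "application/vnd.cncf.helm.chart.content.v1.tar+gzip"


def sha256_digest(data: bytes) -> str:
    return "sha256:" + hashlib.sha256(data).hexdigest()


def verify_pinned_chart(pinned: str, manifest_bytes: bytes, blobs: dict) -> bytes:
    """Return the chart bytes only if they chain back to the pinned digest."""
    # Step 1: the manifest served by the registry must hash to the pin.
    if sha256_digest(manifest_bytes) != pinned:
        raise ValueError("manifest does not match pinned digest")
    # Step 2: the now-trusted manifest names the chart layer by digest and size.
    layers = [l for l in json.loads(manifest_bytes)["layers"]
              if l["mediaType"] == CHART_LAYER]
    if len(layers) != 1:
        raise ValueError("expected exactly one chart layer")
    desc = layers[0]
    blob = blobs.get(desc["digest"], b"")
    if len(blob) != desc["size"] or sha256_digest(blob) != desc["digest"]:
        raise ValueError("chart layer does not match manifest")
    return blob


def build_manifest(chart: bytes) -> bytes:
    """Constructed minimal manifest, standing in for what a registry serves."""
    layer = {"mediaType": CHART_LAYER, "digest": sha256_digest(chart),
             "size": len(chart)}
    return json.dumps({"schemaVersion": 2, "layers": [layer]},
                      sort_keys=True).encode()


def is_accepted(pinned: str, manifest_bytes: bytes, blobs: dict) -> bool:
    try:
        verify_pinned_chart(pinned, manifest_bytes, blobs)
        return True
    except ValueError:
        return False


# Constructed sample data (not real chart content).
GOOD_CHART = b"constructed chart tarball v1.0.0"
EVIL_CHART = b"constructed chart tarball, modified in transit"
GOOD_MANIFEST = build_manifest(GOOD_CHART)
PINNED = sha256_digest(GOOD_MANIFEST)  # the value a GitOps config would pin
```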