diff --git a/bitnami/cilium/CHANGELOG.md b/bitnami/cilium/CHANGELOG.md
index b7c59d07ef85ee..7996165564a7f8 100644
--- a/bitnami/cilium/CHANGELOG.md
+++ b/bitnami/cilium/CHANGELOG.md
@@ -1,8 +1,12 @@
# Changelog
-## 1.2.10 (2024-12-04)
+## 1.3.0 (2024-12-10)
-* [bitnami/cilium] Release 1.2.10 ([#30742](https://github.com/bitnami/charts/pull/30742))
+* [bitnami/cilium] Detect non-standard images ([#30870](https://github.com/bitnami/charts/pull/30870))
+
+## 1.2.10 (2024-12-04)
+
+* [bitnami/cilium] Release 1.2.10 (#30742) ([3dacf26](https://github.com/bitnami/charts/commit/3dacf2691af9ec913298ab440f5ab4d67620346f)), closes [#30742](https://github.com/bitnami/charts/issues/30742)
## 1.2.9 (2024-12-02)
diff --git a/bitnami/cilium/Chart.lock b/bitnami/cilium/Chart.lock
index bcbdec1a4c2074..2b4a26c494a0ef 100644
--- a/bitnami/cilium/Chart.lock
+++ b/bitnami/cilium/Chart.lock
@@ -1,9 +1,9 @@
dependencies:
- name: etcd
repository: oci://registry-1.docker.io/bitnamicharts
- version: 10.6.0
+ version: 10.6.1
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
- version: 2.27.2
-digest: sha256:043a12b7d886ec9b59b10d2647b4246290ff12ad60311714f2c4bbb2db5f7fc8
-generated: "2024-12-03T21:44:05.041359606Z"
+ version: 2.28.0
+digest: sha256:cff444d7dca4b6764481c66c668b1dd7c726e20ad49ccc66f49b24fa03e2b7f2
+generated: "2024-12-10T16:51:56.68626+01:00"
diff --git a/bitnami/cilium/Chart.yaml b/bitnami/cilium/Chart.yaml
index b8061744d2c6a8..e8e1f614c5692c 100644
--- a/bitnami/cilium/Chart.yaml
+++ b/bitnami/cilium/Chart.yaml
@@ -52,4 +52,4 @@ sources:
- https://github.com/bitnami/containers/tree/main/bitnami/hubble-relay
- https://github.com/bitnami/containers/tree/main/bitnami/hubble-ui
- https://github.com/bitnami/containers/tree/main/bitnami/hubble-ui-backend
-version: 1.2.10
+version: 1.3.0
diff --git a/bitnami/cilium/README.md b/bitnami/cilium/README.md
index 37325e2db04dfe..8cf79bc14b7f4b 100644
--- a/bitnami/cilium/README.md
+++ b/bitnami/cilium/README.md
@@ -184,13 +184,14 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
### Global parameters
-| Name | Description | Value |
-| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
-| `global.imageRegistry` | Global Docker image registry | `""` |
-| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
-| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
-| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
-| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
+| Name | Description | Value |
+| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `global.imageRegistry` | Global Docker image registry | `""` |
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
+| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
+| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
+| `global.security.allowInsecureImages` | Allows skipping image verification | `false` |
+| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
### Common parameters
diff --git a/bitnami/cilium/templates/NOTES.txt b/bitnami/cilium/templates/NOTES.txt
index 8fb1f04d37317b..3761324bf8e7c8 100644
--- a/bitnami/cilium/templates/NOTES.txt
+++ b/bitnami/cilium/templates/NOTES.txt
@@ -103,3 +103,4 @@ To access the Hubble UI from outside the cluster follow the steps below:
{{- include "common.warnings.resources" (dict "sections" (list "agent" "agent.defaultInitContainers.buildConfig" "agent.defaultInitContainers.installCniPlugin" "agent.defaultInitContainers.mountBpf" "agent.defaultInitContainers.mountCgroup2" "agent.defaultInitContainers.cleanState" "agent.defaultInitContainers.waitForKubeProxy" "operator" "envoy" "hubble.relay" "hubble.ui.frontend" "hubble.ui.backend") "context" $) }}
{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.agent.image .Values.operator.image .Values.envoy.image .Values.hubble.relay.image .Values.hubble.ui.frontend.image .Values.hubble.ui.backend.image) "context" $) }}
{{- include "cilium.validateValues" . }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.agent.image .Values.operator.image .Values.envoy.image .Values.hubble.relay.image .Values.hubble.ui.frontend.image .Values.hubble.ui.backend.image) "context" $) }}
diff --git a/bitnami/cilium/values.yaml b/bitnami/cilium/values.yaml
index e2321b28843b1d..d4e41745a97ec3 100644
--- a/bitnami/cilium/values.yaml
+++ b/bitnami/cilium/values.yaml
@@ -21,6 +21,11 @@ global:
imagePullSecrets: []
defaultStorageClass: ""
storageClass: ""
+ ## Security parameters
+ ##
+ security:
+ ## @param global.security.allowInsecureImages Allows skipping image verification
+ allowInsecureImages: false
## Compatibility adaptations for Kubernetes platforms
##
compatibility: