cleanstart/helm

Verified Publisher

By CleanStart

•Updated 35 minutes ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
0

50K+

cleanstart/helm repository overview

Container Documentation for Helm

Enterprise-grade Helm container image providing the official Helm package manager for Kubernetes. This container includes the complete Helm CLI toolset for managing Kubernetes applications, with added security hardening and enterprise features for production deployments. Ideal for CI/CD pipelines, DevOps automation, and Kubernetes application lifecycle management.

šŸ“Œ Base Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments from Cleanstart Registry.

Key Features Core capabilities and strengths of this container

  • Official Helm CLI with enterprise security hardening
  • Multi-architecture support for diverse deployment environments
  • Integrated security scanning and FIPS compliance
  • Optimized for CI/CD pipeline integration

Common Use Cases Typical scenarios where this container excels

  • Kubernetes application deployment automation
  • CI/CD pipeline chart management
  • Development and testing of Helm charts
  • Production release management

Pull Latest Image Download the container image from the registry

docker pull cleanstart/helm:latest
docker pull cleanstart/helm:latest-dev

Basic Run Run the container with basic configuration

docker run -it --name helm-test cleanstart/helm:latest-dev

Production Deployment Deploy with production security settings

docker run -d --name helm-prod \
  --read-only \
  --security-opt=no-new-privileges \
  --user 1000:1000 \
  cleanstart/helm:latest

Volume Mount Mount local directory for persistent data

docker run -v $(pwd)/.helm:/home/user/.helm cleanstart/helm:latest

Port Forwarding Run with custom port mappings

docker run -p 8080:80 cleanstart/helm:latest

Environment Variables Configuration options available through environment variables

VariableDefaultDescription
HELM_CACHE_HOME/home/user/.helm/cacheHelm cache directory location
HELM_CONFIG_HOME/home/user/.helmHelm configuration directory
HELM_DATA_HOME/home/user/.helmHelm data directory
HELM_DEBUGfalseEnable verbose output

Security Best Practices Recommended security configurations and practices

  • Use specific version tags instead of latest
  • Mount Helm configuration as read-only volumes
  • Implement proper RBAC for Kubernetes access
  • Regularly update to latest security patches
  • Use separate credentials for different environments
  • Enable audit logging for all Helm operations

Kubernetes Security Context Recommended security context for Kubernetes deployments

securityContext:
  runAsNonRoot: true
  runAsUser: 1000
  runAsGroup: 1000
  readOnlyRootFilesystem: true
  allowPrivilegeEscalation: false
  capabilities:
    drop: ["ALL"]

Multi-Platform Images

docker pull --platform linux/amd64 cleanstart/helm:latest
docker pull --platform linux/arm64 cleanstart/helm:latest

⁠Documentation Resources

Essential links and resources for further information

CleanStart Images: https://images.cleanstart.com/⁠

Community Images:
Docker Hub: https://hub.docker.com/u/cleanstart⁠
GitHub: https://github.com/cleanstart-containers⁠
AWS ECR Public Gallery: https://gallery.ecr.aws/cleanstart/⁠

Presence on Social Media:
Community: https://www.linkedin.com/groups/18324021/⁠
YouTube: https://www.youtube.com/@CleanStartOfficial⁠

Contribute to Container Use Cases: https://github.com/cleanstart-dev/cleanstart-use-cases/⁠


Vulnerability Disclaimer

CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.

Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.

Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.

Tag summary

Content type

Image

Digest

sha256:44398e677…

Size

48.1 MB

Last updated

35 minutes ago

docker pull cleanstart/helm:4.2.3-amd64