diff --git a/bitnami/jenkins/CHANGELOG.md b/bitnami/jenkins/CHANGELOG.md
index 83c649b0d9..94925884da 100644
--- a/bitnami/jenkins/CHANGELOG.md
+++ b/bitnami/jenkins/CHANGELOG.md
@@ -1,8 +1,12 @@
# Changelog
-## 13.4.28 (2024-11-28)
+## 13.5.0 (2024-12-10)
-* [bitnami/jenkins] Release 13.4.28 ([#30664](https://github.com/bitnami/charts/pull/30664))
+* [bitnami/jenkins] Detect non-standard images ([#30905](https://github.com/bitnami/charts/pull/30905))
+
+## 13.4.28 (2024-11-28)
+
+* [bitnami/jenkins] Release 13.4.28 (#30664) ([4b3a80d](https://github.com/bitnami/charts/commit/4b3a80d615308fddf33150c42e35da20dfad6ebb)), closes [#30664](https://github.com/bitnami/charts/issues/30664)
## 13.4.27 (2024-11-04)
diff --git a/bitnami/jenkins/Chart.lock b/bitnami/jenkins/Chart.lock
index e80651fed3..97b31fab9e 100644
--- a/bitnami/jenkins/Chart.lock
+++ b/bitnami/jenkins/Chart.lock
@@ -1,6 +1,6 @@
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
- version: 2.27.2
-digest: sha256:6fd86cc5a4b5094abca1f23c8ec064e75e51eceaded94a5e20977274b2abb576
-generated: "2024-11-28T10:53:11.550999106Z"
+ version: 2.28.0
+digest: sha256:5b30f0fa07bb89b01c55fd6258c8ce22a611b13623d4ad83e8fdd1d4490adc74
+generated: "2024-12-10T17:05:31.011457+01:00"
diff --git a/bitnami/jenkins/Chart.yaml b/bitnami/jenkins/Chart.yaml
index 34ea52eba5..e85e0814a1 100644
--- a/bitnami/jenkins/Chart.yaml
+++ b/bitnami/jenkins/Chart.yaml
@@ -35,4 +35,4 @@ maintainers:
name: jenkins
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/jenkins
-version: 13.4.28
+version: 13.5.0
diff --git a/bitnami/jenkins/README.md b/bitnami/jenkins/README.md
index 3026bae4c5..db19edaa0a 100644
--- a/bitnami/jenkins/README.md
+++ b/bitnami/jenkins/README.md
@@ -197,13 +197,14 @@ s
### Global parameters
-| Name | Description | Value |
-| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
-| `global.imageRegistry` | Global Docker image registry | `""` |
-| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
-| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
-| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
-| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
+| Name | Description | Value |
+| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `global.imageRegistry` | Global Docker image registry | `""` |
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
+| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
+| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
+| `global.security.allowInsecureImages` | Allows skipping image verification | `false` |
+| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
### Common parameters
@@ -521,6 +522,10 @@ Find more information about how to deal with common errors related to Bitnami's
## Upgrading
+### To 13.5.0
+
+This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
+
### To 13.0.0
This major bump changes the following security defaults:
diff --git a/bitnami/jenkins/templates/NOTES.txt b/bitnami/jenkins/templates/NOTES.txt
index 4f4729cfeb..10ea719bb4 100644
--- a/bitnami/jenkins/templates/NOTES.txt
+++ b/bitnami/jenkins/templates/NOTES.txt
@@ -48,4 +48,5 @@ Did you know there are enterprise versions of the Bitnami catalog? For enhanced
{{- include "jenkins.checkRollingTags" . }}
{{- include "common.warnings.resources" (dict "sections" (list "agent" "" "tls" "volumePermissions") "context" $) }}
-{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.agent.image .Values.volumePermissions.image) "context" $) }}
\ No newline at end of file
+{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.agent.image .Values.volumePermissions.image) "context" $) }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.agent.image .Values.volumePermissions.image) "context" $) }}
diff --git a/bitnami/jenkins/values.yaml b/bitnami/jenkins/values.yaml
index ba38269b99..cbfc1f444f 100644
--- a/bitnami/jenkins/values.yaml
+++ b/bitnami/jenkins/values.yaml
@@ -20,6 +20,11 @@ global:
imagePullSecrets: []
defaultStorageClass: ""
storageClass: ""
+ ## Security parameters
+ ##
+ security:
+ ## @param global.security.allowInsecureImages Allows skipping image verification
+ allowInsecureImages: false
## Compatibility adaptations for Kubernetes platforms
##
compatibility: