SUSE Application Collection at KubeCon EU 2026: 141 Applications, a New Version Comparator, and a Year of Momentum

One year ago, SUSE Application Collection was a curated library of 74 trusted Kubernetes applications. Today, as we head into KubeCon EU 2026 in Amsterdam, it has nearly doubled to 141 applications and serves 10,000 pulls per day. We continue to bring to life the vision we’ve pursued from the start: applications are first-class citizens – not just images, not just containers, but complete, deployable units built, scanned, and attested as a whole. The new integrated version comparator is a perfect illustration: compare any two versions of the same application and see exactly what changed, from the Helm chart level down to individual packages and CVEs.

Here’s what’s new, what’s growing, and why it matters.

Applications as First-Class Citizens – and Why That’s Hard

Most cloud-native registries give you images. That’s useful, but an image is not an application. A PostgreSQL image is not a PostgreSQL deployment. The distance between a container image and a running, production-ready workload in Kubernetes is filled with Helm charts, dependency wiring, configuration defaults, and operational assumptions that somebody has to get right.

SUSE Application Collection takes a different approach: applications are the unit of delivery, not images. When PostgreSQL, Kafka, or Grafana appears in the Collection, it means the entire stack – base image, runtime, application code, Helm chart – has been built, packaged, scanned, attested, and distributed as a coherent, deployable unit. One artifact that works the same way on a developer’s workstation (via SUSE Rancher Developer Access) and in a production Rancher Prime cluster.

This is harder to do. Maintaining full applications across their dependency trees, keeping every layer updated and scanned, tracking upstream releases while ensuring zero-to-low CVEs at every level – that takes serious engineering. But it’s also what makes the Collection genuinely useful: you’re not assembling puzzle pieces from different sources and hoping they fit. You’re deploying something that was built to work as a whole.

And it’s what makes the new version comparator possible.

The Application Version Comparator

When your team needs to decide whether to upgrade an application, the question is never just “what’s the changelog?” It’s: what CVEs does this fix? What new ones does it introduce? What packages changed across every component? How does the footprint compare?

Getting those answers typically means stitching together multiple scanning tools, changelogs, and manual investigation – and even then, you’re usually looking at individual containers, not the full application as deployed.

The new version comparator in SUSE Application Collection answers all of this in one place, at two levels of depth.

Application-level overview

Pick two versions of the same application and instantly see what changed across every component in the Helm chart. Take Argo CD as an example – comparing two recent versions shows:

SUSE Application Collection Helm charts comparison

In one glance, you know exactly what moved in every component of the application – versions, packages, size, and critically, how many vulnerabilities were fixed. No digging through five different registries or changelogs. The information that matters most for an upgrade decision is right there.

Component-level drill-down

Need to go deeper? Click into any component – say, the apache-kafka image – and get the full picture:

• Exact package versions: which system packages were updated (glibc, libgcc, libstdc++…), with precise version numbers
• CVE changes: which vulnerabilities appeared or were resolved between the two versions
• Image metadata: digest, size delta, base image version, OCI annotations

SUSE Application Collection images metadata comparison

Because the Collection treats applications as complete, multi-component units, this comparison reflects the thing you actually deploy, not just one container in isolation. Developers, operations teams, and security teams all see the same picture, which means upgrade decisions become faster, more informed, and far less risky.

A Year of Growth

The numbers tell a clear story. Year-over-year, since KubeCon EU 2025:

Plus: 327 new branches, 75,000+ artifacts built, named user accounts up 3x, and service accounts up 9x – a clear signal that teams are integrating the Collection into their automated pipelines, not just browsing it.

What’s New Since KubeCon NA 2025

Since our last major announcement last November, we’ve added 29 new applications to the Collection. Here are the highlights:

CloudNativePG: Enterprise-Grade PostgreSQL for Kubernetes

Worth highlighting separately: CloudNativePG is now available as part of the SUSE Application Collection Suite subscription. As a Kubernetes-native operator for PostgreSQL, it addresses a critical enterprise need: running production databases on Kubernetes with automated failover, backup, and lifecycle management. This is the kind of application that operations teams rely on for their most sensitive workloads, and we’re making it available to our Suite customers.

Milvus. The open-source vector database for AI workloads joins the Collection. For teams building RAG pipelines, semantic search, or AI-powered applications, Milvus is a critical piece of infrastructure, and having it as a trusted, attested application means one less component to vet independently.

Traefik Proxy (with FIPS variant). With the evolving landscape around NGINX Ingress, many organizations are actively evaluating alternatives. Traefik Proxy is now available in the Collection as a trusted, production-ready option, including a FIPS variant for organizations with sovereignty and compliance requirements. It joins an already deep networking stack alongside Istio, Envoy, and Caddy (also new), giving teams real choice without compromising on trust.

Apache Airflow. One of the most widely used workflow orchestration platforms joins the Collection. Combined with the existing PostgreSQL, Kafka, and Redis, the Collection now covers a deep data stack, from orchestration and processing to storage and caching.

Helm 4. The Kubernetes package manager itself is now in the Collection. It’s a fitting addition: the tool that deploys applications should meet the same trust standard as the applications it deploys.

Developer tools: crane, ko, Ruby, vacuum, and more. The developer catalog continues to expand, and every addition matters. crane and ko for container image workflows, Ruby for language runtime, vacuum for OpenAPI linting. These are tools developers reach for every day. Having them in the Collection means they’re covered by the same trust guarantees as everything else, and they’re immediately available through SUSE Rancher Developer Access on the developer’s local workstation. The goal remains the same: a complete, trusted toolchain from base image to CLI tool, without reaching for unvetted sources.

BCI Base Images. SUSE Linux BCI Base, BCI Micro, and BCI BusyBox are now available directly in the Collection, including FIPS variants. These are the foundations that every other application in the Collection is built on. Making them available here gives teams full visibility and consistency from the base layer up.

From Developer Workstation to Production Cluster

Everything in the Collection is available across the full SUSE Rancher lifecycle. Developers access it locally through SUSE Rancher Developer Access and Rancher Desktop – with a 30-day free trial now available. In production, the same content is delivered through SUSE Rancher Prime. Same artifacts, same attestations, same trust – from inner loop to deployment.

If you missed the Rancher Developer Access announcement, read the full blog post here <insert link>.

Explore It

SUSE Application Collection is available at apps.rancher.io. Browse the catalog, try the version comparator, and see the full list of what’s available. 

See It Live at KubeCon Europe 2026

We’ll be showcasing the version comparator and the full Collection at KubeCon + CloudNativeCon Europe in Amsterdam, March 23–26, 2026. Stop by the SUSE booth, we’d love to walk you through it.

Come see us at KubeCon EU in Amsterdam. Visit the SUSE booth, join our sessions, and experience firsthand what an AI-native cloud native platform can do for your organization.

For the latest updates, visit suse.com/kubecon and follow us on social media throughout the week.