Release Notes - 1.47.0💣
Please see our documentation page for more information on how to consume and deploy BigBang.
Upgrade Notices💣
Istio Upgrade:
- Istio was updated from 1.15.0 to 1.15.3 in this release
- Big Bang apps should be configured to automatically cycle for the latest sidecar config
- Make sure to cycle pods for any 3rd party or tenant applications manually to pull the new version in.
Gitlab Upgrade:
- Starting with version
15.5Gitlab in FIPS mode will disable Personal Access Tokens. - Registry1 Gitlab images ship with FIPS enablement at this point in time, here are steps to check if your images are running in FIPS mode.
BETA Packages:💣
- The Kyverno Policies package has graduated from and is no longer in BETA
- Please continue to provide feedback via Repo1 issues and MM chat if you run into any issues with Kyverno Policies
Upgrades from previous releases💣
If coming from a version pre-1.46.1, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.46.1.
Packages💣
| Package | Type | Package Version | BB Version |
|---|---|---|---|
 Istio Controlplane |
Core | Istio 1.15.3 Tetrate Istio Distro 1.15.1 |
1.15.3-bb.0 🔗 |
| Istio Operator |
Core | Istio Operator 1.15.3 Tetrate Istio Distro Operator 1.15.1 |
1.15.3-bb.0 🔗 |
| Jaeger |
Core | 1.39.0 |
2.37.0-bb.0 🔗 |
| Kiali | Core | 1.58.0 |
1.58.0-bb.0 |
| Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.1 |
| Gatekeeper | Core | 3.9.0 |
3.9.0-bb.3 |
| Kyverno |
Core | 1.8.0 |
2.6.0-bb.2 🔗 |
| Kyverno Policies |
Core | 1.0.1 |
1.0.1-bb.7 🔗 |
| Kyverno Reporter | Core | 2.10.0 |
2.13.1-bb.0 |
| Elasticsearch Kibana |
Core | Kibana 8.4.3 Elasticsearch 8.4.3 |
0.12.1-bb.1 🔗 |
| Eck Operator | Core | 2.4.0 |
2.4.0-bb.0 |
| Fluentbit |
Core | 2.0.3 |
0.20.10-bb.0 🔗 |
| Promtail | Core | 2.6.1 |
6.2.2-bb.2 |
| Loki | Core | 2.6.1 |
3.2.1-bb.3 |
| Tempo | Core | Tempo 1.5.0 Tempo Query 1.5.0 |
0.16.1-bb.2 |
| Monitoring |
Core | Prometheus 2.39.1 Grafana 9.2.2 Alertmanager 0.24.0 |
41.7.3-bb.0 🔗 |
| Twistlock | Core | 22.06.197 |
0.11.3-bb.2 |
| Argocd |
Addon | 2.4.12 |
5.5.7-bb.5 🔗 |
| Authservice | Addon | 0.5.2 |
0.5.2-bb.1 |
| Minio Operator | Addon | 4.5.3 |
4.5.3-bb.0 |
| Minio |
Addon | RELEASE.2022-11-08T05-27-07Z |
4.5.4-bb.0 🔗 |
| Gitlab |
Addon | 15.5.2 |
6.5.2-bb.0 🔗 |
| Gitlab Runner | Addon | 15.4.0 |
0.45.0-bb.2 |
| Nexus | Addon | 3.42.0-01 |
42.0.0-bb.0 |
| Sonarqube |
Addon | 8.9.10-community |
1.0.31-bb.1 🔗 |
| Haproxy | Addon | 2.2.21 |
1.12.0-bb.0 |
| Anchore Enterprise |
Addon | Enterprise 4.1.1 Engine 1.1.0 |
1.19.7-bb.3 🔗 |
| Mattermost Operator | Addon | 1.18.1 |
1.18.1-bb.1 |
| Mattermost | Addon | 7.4.0 |
7.4.0-bb.0 |
| Velero |
Addon | 1.9.2 |
2.31.8-bb.3 🔗 |
| Keycloak | Addon | Keycloak 18.0.2-legacy PlatformOne Plugin 1.2.0 |
18.2.1-bb.5 |
| Vault |
Addon | 1.11.3 |
0.22.0-bb.4 🔗 |
| Metrics Server |
Addon | 0.6.1 |
3.8.0-bb.5 🔗 |
Changes in 1.47.0💣
Big Bang MRs💣
- !2259: Add monitoring dependency on logging
- !2250: Fix broken links
- !2130: Add istio-init container exclusion for require-non-root-user
- !1588: Removed promtail condition from Loki values check
- !2241: Update BB Maintainers
- !2234: Grafana HA section for arch doc
- !2210: Modify authservice prefixes to use FQDN
- !2230: Updated loki cypress test resiliency
Istio Controlplane💣
- !2242: Update Istio to 1.15.3 (+ TID to 1.15.1)
# Changelog Updates
## [1.15.3-bb.0] - 2022-11-01
### Changed
- ironbank/opensource/istio/install-cni updated from 1.15.0 to 1.15.3
- ironbank/opensource/istio/pilot updated from 1.15.0 to 1.15.3
- ironbank/opensource/istio/proxyv2 updated from 1.15.0 to 1.15.3
- ironbank/tetrate/istio/install-cni updated from 1.14.4 to 1.15.1
- ironbank/tetrate/istio/istioctl updated from 1.14.4 to 1.15.1
- ironbank/tetrate/istio/pilot updated from 1.14.4 to 1.15.1
- ironbank/tetrate/istio/proxyv2 updated from 1.14.4 to 1.15.1
Istio Operator💣
- !2242: Update Istio to 1.15.3 (+ TID to 1.15.1)
# Changelog Updates
## [1.15.3-bb.0]
### Changed
- Updated repo1 image to `1.15.3`
- Updated TID tag to 1.15.1
Jaeger💣
- !2249: Update Jaeger to 1.39.0
# Changelog Updates
## [2.37.0-bb.0]
### Changed
- Updated Jaeger images to 1.39.0 (latest operator version)
Kyverno💣
- !2252: Kyverno: Update kubectl image
# Changelog Updates
## [2.6.0-bb.2] - 2022-10-5-28
### Added
- Added pull policy arg to kyverno deployment and network policy for container registries
## [2.6.0-bb.1] - 2022-11-01
### Changed
- Updated Kubectl image to 1.25.3
Kyverno Policies💣
- !2248: Modify Kyverno Policies: Run as non root container exclusions
# Changelog Updates
## [1.0.1-bb.7] - 2022-10-25
### Changed
- Changed `require-non-root-user` to support container exclusions
Elasticsearch Kibana💣
- !2244: Enable elasticsearch metrics mTLS
# Changelog Updates
## [0.12.1-bb.1] - 2022-11-09
### Changed
- Support for metrics mTLS
### Added
- Add PeerAuthentication for metrics
Fluentbit💣
- !2255: Updated fluentbit git tag
# Changelog Updates
## [0.20.10-bb.0]
### Changed
- Updated upstream helm chart tag `0.20.10`
- Updated fluent-bit image to `2.0.3` from IB
Monitoring💣
- !2231: monitoring update pipeline check
# Changelog Updates
## [41.7.3-bb.0]
### Added
- Updated Monitoring chart version to `41.7.3`
Argocd💣
- !2247: Add job to argocd to add annotations
# Changelog Updates
## [5.5.7-bb.5] - 2022-11-9
### Fixed
- Removed helm template value in upgrade job that was preventing the job's sidecar from terminating
## [5.5.7-bb.4] - 2022-11-9
### Added
- Job sidecar termination
## [5.5.7-bb.3] - 2022-11-7
### Added
- Job that adds annotations and labels to custom resource definitions so they can be managed by helm
Minio💣
- !2258: Minio update to 2022-11-08T05-27-07Z
# Changelog Updates
## [4.5.4-bb.0] - 2022-11-14
### Updated
- Update MinIO to `RELEASE.2022-11-08T05-27-07Z`
- Update chart to v4.5.4
Gitlab💣
# Changelog Updates
## [6.5.2-bb.0] - 2022-11-08
### Changed
- Updated to helm chart to 6.5.2 and appVersion to 15.5.2
- ironbank/gitlab/gitlab/gitlab-webservice patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/alpine-certificates patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter minor 15.4.1 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse patch 15.5.0 -> 15.5.2
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl patch 15.5.0 -> 15.5.2
## [6.5.0-bb.0] - 2022-11-07
### Changed
- Updated to helm chart to 6.5.0 and appVersion to 15.5.0
- ironbank/gitlab/gitlab/gitlab-webservice minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter minor v1.44.0 -> v1.45.0
- registry1.dso.mil/ironbank/gitlab/gitlab/alpine-certificates minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl minor 15.4.1 -> 15.5.0
- registry1.dso.mil/ironbank/opensource/minio/mc patch RELEASE.2022-10-01T07-56-14Z -> RELEASE.2022-10-29T10-09-23Z
- registry1.dso.mil/ironbank/opensource/minio/minio patch RELEASE.2022-10-02T19-29-29Z -> RELEASE.2022-10-29T06-21-33Z
## [6.4.1-bb.3] - 2022-11-04
### Changed
- Modify Istio VirtualService to block metrics endpoint
Sonarqube💣
# Changelog Updates
## [1.0.31-bb.1] - 2022-11-14
### Added
- Added (back) ability to override cacert command/args
## [1.0.31-bb.0] - 2022-11-14
### Updated
- Updated to version `sonarqube-lts-1.0.31` of upstream helm chart and version 8.9.10 of sonarqube
Anchore Enterprise💣
- !2232: Anchore metrics mtls
# Changelog Updates
## [1.19.7-bb.3]
### Changed
- Added support for metrics mTLS
### Updated
- upgraded the Redis sub chart to get support for metrics mTLS
Velero💣
- !2256: Updated velero plugin images
# Changelog Updates
## [2.31.8-bb.3]
### Update
- updated velero plugins to latest IB versions
Vault💣
- !2257: Vault: Update Minio subchart
# Changelog Updates
## [0.22.0-bb.4] - 2022-11-14
### Updated
- Updated minio dependency chart to `4.5.3-bb.1`
Metrics Server💣
- !2239: Test: enable metricsServer in test values with bbtests
# Changelog Updates
## [3.8.0-bb.5]
### Added
- Added bbtests structure and script tests
Known Issues💣
- On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future💣
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.