Release Notes - 1.50.0💣

Please see our documentation page for more information on how to consume and deploy BigBang.

Upgrade Notices💣

Istio Upgrade:

Istio was updated from 1.15.3 to 1.16.1 in this release
Big Bang apps should be configured to automatically cycle for the latest sidecar config
Make sure to cycle pods for any 3rd party or tenant applications manually to pull the new version in.

Kyverno Policies:

This release enables/enforces the disallow-namespaces policy in this change
By default this policy will block any pods from being created in the default and bigbang namespaces
To disable this policy or change the namespaces this is enforced on, add values like the below:

kyvernopolicies:
  values:
    policies:
    disallow-namespaces:
      enabled: true # enable/disable policy
      parameters:
        disallow: # modify list of namespaces to block pods from
          - myotherns

Nexus:

As documented in the Nexus Docs - there is now a process for establishing a separate user for metrics authentication.
This provides a mechanism to remove admin credentials from the runtime environment.
Please read the documentation for notes on upgrading or conducting a new installation.

Upgrades from previous releases💣

If coming from a version pre-1.49.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.49.0.

Packages💣

Package	Type	Package Version	BB Version
Istio Controlplane	Core	Istio `1.16.1` Tetrate Istio Distro `1.15.1`	`1.16.1-bb.0` 🔗
Istio Operator	Core	Istio Operator `1.16.1` Tetrate Istio Distro Operator `1.15.1`	`1.16.1-bb.0` 🔗
Jaeger	Core	`1.39.0`	`2.37.0-bb.0`
Kiali	Core	`1.60.0`	`1.60.0-bb.0` 🔗
Cluster Auditor	Core	`0.0.7`	`1.5.0-bb.1`
Gatekeeper	Core	`3.10.0`	`3.10.0-bb.0`
Kyverno	Core	`1.8.1`	`2.6.1-bb.0`
Kyverno Policies	Core	`1.0.1`	`1.0.1-bb.9` 🔗
Kyverno Reporter	Core	`2.10.3`	`2.13.4-bb.1`
Elasticsearch Kibana	Core	Kibana `8.5.2` Elasticsearch `8.5.2`	`0.14.0-bb.0` 🔗
Eck Operator	Core	`2.5.0`	`2.5.0-bb.0`
Fluentbit	Core	`2.0.6`	`0.21.4-bb.0` 🔗
Promtail	Core	`2.7.0`	`6.7.2-bb.0`
Loki	Core	`2.7.0`	`3.7.0-bb.0` 🔗
Neuvector	Core	`5.0.2`	`2.2.2-bb.2`
Tempo	Core	Tempo `1.5.0` Tempo Query `1.5.0`	`0.16.1-bb.2`
Monitoring	Core	Prometheus `2.40.5` Grafana `9.3.2` Alertmanager `0.24.0`	`43.1.2-bb.0` 🔗
Twistlock	Core	`22.06.197`	`0.11.4-bb.1`
Argocd	Addon	`2.4.12`	`5.5.7-bb.6` 🔗
Authservice	Addon	`0.5.3`	`0.5.3-bb.2`
Minio Operator	Addon	`4.5.4`	`4.5.4-bb.0`
Minio	Addon	`RELEASE.2022-11-26T22-43-32Z`	`4.5.4-bb.2`
Gitlab	Addon	`15.6.1`	`6.6.1-bb.1`
Gitlab Runner	Addon	`15.6.0`	`0.47.0-bb.1`
Nexus	Addon	`3.42.0-01`	`42.0.0-bb.4` 🔗
Sonarqube	Addon	`8.9.10-community`	`1.0.31-bb.3`
Haproxy	Addon	`2.2.21`	`1.12.0-bb.0`
Anchore Enterprise	Addon	Enterprise `4.2.0` Engine `1.1.0`	`1.20.0-bb.2` 🔗
Mattermost Operator	Addon	`1.19.0`	`1.19.0-bb.0`
Mattermost	Addon	`7.5.1`	`7.5.1-bb.0`
Velero	Addon	`1.9.3`	`2.32.2-bb.0`
Keycloak	Addon	Keycloak `18.0.2-legacy` PlatformOne Plugin `1.2.0`	`18.2.1-bb.5`
Vault	Addon	`1.12.0`	`0.22.1-bb.1` 🔗
Metrics Server	Addon	`0.6.2`	`3.8.3-bb.0` 🔗

Changes in 1.50.0💣

Big Bang MRs💣

!2317: Enable disallow-namespaces Kyverno policy
!2332: Update supported k8s version wording
!2227: Add support for OCI deployments

Istio Controlplane💣

!2342: Updated istio git tags to 1.16.1
!2334: Istio: Split image name/tag for hook job

# Changelog Updates

## [1.16.1-bb.0] - 2022-12-17

### Changed

- ironbank/opensource/istio/install-cni updated from 1.15.3 to 1.16.1
- ironbank/opensource/istio/pilot updated from 1.15.3 to 1.16.1
- ironbank/opensource/istio/proxyv2 updated from 1.15.3 to 1.16.1

## [1.15.3-bb.1]

### Changed

- Splits the `postInstallHook` image and tag so that they can be maintained separately.

Istio Operator💣

!2342: Updated istio git tags to 1.16.1

# Changelog Updates

## [1.16.1-bb.0]

### Changed

- Updated repo1 image to `1.16.1`

Kiali💣

!2330: Kiali: Update to 1.60.0

# Changelog Updates

## [1.60.0-bb.0] - 2022-12-14

### Changed

- Updated to 1.60.0 images (latest in IB)

Kyverno Policies💣

!2336: Kyverno-policies: Update kubectl image

# Changelog Updates

## [1.0.1-bb.9] - 2022-12-13

### Changed

- ironbank/opensource/kubernetes/kubectl updated from v1.25.4 to v1.25.5

Elasticsearch Kibana💣

!2338: Updated elasticsearch-kibana git tag to appversion 8.5.2

# Changelog Updates

## [0.14.0-bb.0] - 2022-12-09

### Changed

- ironbank/elastic/elasticsearch/elasticsearch updated from 8.5.0 to 8.5.2
- ironbank/elastic/kibana/kibana updated from 8.5.0 to 8.5.2

Fluentbit💣

!2327: Updated fluentbit to version v2.0.6
!2326: Updated fluentbit git tag

# Changelog Updates

## [0.21.4-bb.0]

### Changed

- Updated upstream helm chart tag `0.21.4`
- Updated fluent-bit image to `2.0.6` from IB

## [0.21.2-bb.1]

### Changed

- added prometheus Rules to deployment

Loki💣

!2324: Loki update to 3.7.0

# Changelog Updates

## [3.7.0-bb.0]

### Changed

- Updated chart to `helm-loki-3.7.0`
- Updated kubectl image to `v1.25.5`

Monitoring💣

!2347: Updated monitoring git tag
!2323: HA dox for prometheus

# Changelog Updates

## [43.1.2-bb.0]

### Changed

- Updated Monitoring chart to 43.1.2 and Updated image versions to latest in IB
- Prometheus: 2.40.5
- Grafana: 9.3.2
- Alertmanager: 0.24.0
- k8s-sidecar image held at 1.19.5 due to issues w/ 1.21.0

## [41.7.3-bb.1]

### Added

- Grafana and prometheus cypress tests can now log in with keycloak SSO
- Added cypress test for the alertmanager UI w/SSO login

Argocd💣

!2335: Updated argocd git tag

# Changelog Updates

## [5.5.7-bb.6] - 2022-12-15

### Changed

- Change redis subchart to utilize oci

Nexus💣

!2341: Updated nexus git tag

# Changelog Updates

## [42.0.0-bb.4] - 2022-12-12

### Changed

- Added job for creation of a metrics user for Service Monitor Basic Auth purposes.
- Removed individual dns network policies in favor of standardized dns allow

Anchore Enterprise💣

!2331: Anchore: Update redis subchart to use OCI

# Changelog Updates

## [1.20.0-bb.2]

### Changed

- Change redis subchart to utilize oci

Vault💣

!2328: Vault security context fix

# Changelog Updates

## [0.22.1-bb.1] - 2022-11-16

### Updated

- Fixed security context capability violations

Metrics Server💣

!2333: Metrics server: Update to 0.6.2

# Changelog Updates

## [3.8.3-bb.0]

### Added

- Updated to upstream helm chart metrics-server-helm-chart-3.8.3
- Updated metrics-server images to 0.6.2
- Updated kubectl image to v1.25.5

Known Issues💣

On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information

Helpful Links💣

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Open issues here
Join our chat
Check out the documentation for guidance on how to get started

Future💣

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.