Release Notes - 1.56.0💣
Please see our documentation page for more information on how to consume and deploy BigBang.
Upgrade Notices💣
ArgoCD:
argocd-apps
has been added as a sub-chart to the main BigBang argocd chart and if you’re declaratively adding an application into ArgoCD that will now need to go underneath theargocd-apps
key:addons: argocd: values: argocd-apps: applications: - name: test-application ...
Neuvector:
- Istio integration is now enabled and all Neuvector pods should restart and now run with istio-proxy sidecars.
- An Istio PeerAuthentication resource is now present to set
STRICT
mTLS policy for the neuvector namespace and metrics for the application have been configured for TLS communication so metrics will still show up in Prometheus.
Flux:
- Flux is updating to a new minor version in this release, from
0.39.0
tov0.40.2
, component versions: - source-controller:
v0.35.2
- helm-controller:
v0.30.0
- kustomize-controller:
v0.34.0
- notification-controller:
v0.32.1
- We recommend updating Flux to stay up to date - we only test releases against the latest Flux version in Big Bang. Running the Flux update script via
./scripts/install_flux.sh -s
will re-use your existing pull secret and update all components.
Istio Upgrade:
- Istio was updated from
1.16.2
to1.17.1
in this release - Big Bang apps should be configured to automatically cycle for the latest sidecar config
- Make sure to cycle pods for any community or tenant applications manually to pull the new version in.
Upgrades from previous releases💣
If coming from a version pre-1.55.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.55.0
.
Packages💣
Package | Type | Package Version | BB Version |
---|---|---|---|
Istio Controlplane | Core | Istio 1.17.1 Tetrate Istio Distro 1.16.1 |
1.17.1-bb.0 🔗 |
Istio Operator | Core | Istio Operator 1.17.1 Tetrate Istio Distro Operator 1.16.1 |
1.17.1-bb.0 🔗 |
Jaeger | Core | 1.42.0 |
2.41.0-bb.0 🔗 |
Kiali | Core | 1.64.0 |
1.64.0-bb.0 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.2 |
Gatekeeper | Core | 3.11.0 |
3.11.0-bb.2 🔗 |
Kyverno | Core | 1.8.5 |
2.6.5-bb.3 🔗 |
Kyverno Policies | Core | 1.1.0 |
1.1.0-bb.3 🔗 |
Kyverno Reporter | Core | 2.10.4 |
2.16.0-bb.0 |
Elasticsearch Kibana | Core | Kibana 8.6.1 Elasticsearch 8.6.0 |
1.1.0-bb.1 |
Eck Operator | Core | 2.6.1 |
2.6.1-bb.0 |
Fluentbit | Core | 2.0.9 |
0.24.0-bb.0 |
Promtail | Core | 2.7.1 |
6.8.1-bb.1 |
Loki | Core | 2.7.4 |
4.8.0-bb.0 🔗 |
Neuvector | Core | 5.1.1 |
2.4.2-bb.5 🔗 |
Tempo | Core | Tempo 2.0.0 Tempo Query 2.0.0 |
1.0.0-bb.3 |
Monitoring | Core | Prometheus 2.40.5 Grafana 9.3.2 Alertmanager 0.24.0 |
43.1.2-bb.4 🔗 |
Twistlock | Core | 22.06.197 |
0.11.4-bb.3 |
Argocd | Addon | 2.6.1 |
5.22.1-bb.2 🔗 |
Authservice | Addon | 0.5.3 |
0.5.3-bb.5 |
Minio Operator | Addon | 4.5.4 |
4.5.4-bb.0 |
Minio | Addon | RELEASE.2022-11-26T22-43-32Z |
4.5.4-bb.3 |
Gitlab | Addon | 15.9.2 |
6.9.2-bb.1 🔗 |
Gitlab Runner | Addon | 15.8.1 |
0.49.1-bb.0 |
Nexus | Addon | 3.47.1-01 |
47.1.0-bb.0 |
Sonarqube | Addon | 9.9.0-community |
8.0.0-bb.1 |
Haproxy | Addon | 2.2.21 |
1.12.0-bb.0 |
Anchore Enterprise | Addon | Enterprise 4.4.1 Engine 1.1.0 |
1.22.3-bb.0 |
Mattermost Operator | Addon | 1.19.0 |
1.19.0-bb.0 |
Mattermost | Addon | 7.8.1 |
7.8.1-bb.0 🔗 |
Velero | Addon | 1.10.1 |
3.1.2-bb.2 🔗 |
Keycloak | Addon | 20.0.3 |
18.4.0-bb.1 |
Vault | Addon | 1.12.1 |
0.23.0-bb.2 |
Metrics Server | Addon | 0.6.2 |
3.8.4-bb.0 🔗 |
Changes in 1.56.0💣
Big Bang MRs💣
- !2595: Handle merging things properly for monitoring
- !2592: Neuvector SSO integration
- !2569: k3d update to 5.4.8, typo fix
- !2518: Update Flux
Istio Controlplane💣
- !2589: istio-operator & istio-controlplane update to 1.17.1-bb.0
# Changelog Updates
## [1.17.1-bb.0] - 2023-03-01
### Changed
- ironbank/opensource/istio/install-cni updated from 1.16.2 to 1.17.1
- ironbank/opensource/istio/pilot updated from 1.16.2 to 1.17.1
- ironbank/opensource/istio/proxyv2 updated from 1.16.2 to 1.17.1
Istio Operator💣
- !2589: istio-operator & istio-controlplane update to 1.17.1-bb.0
# Changelog Updates
## [1.17.1-bb.0]
### Changed
- Updated repo1 image to `1.17.1`
Jaeger💣
# Changelog Updates
## [2.41.0-bb.0] - 2023-03-17
### Changed
- Updated Jager images to 1.42.0 (latest operator version)
- Updated operator chart to 2.41.0
- Added upstream value certs.certificate.issuerKind
## [2.38.0-bb.2] - 2023-03-14
### Changed
- Modify chart name to jaeger from jaeger-operator to match the bb chart values file.
- Add nameOverride to the values file
Gatekeeper💣
- !2568: policy update to 3.11.0-bb.2
# Changelog Updates
## [3.11.0-bb.2] - 2022-03-09
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.26.1 -> v1.26.2
- Updated to latest gluon 0.3.2
Kyverno💣
- !2571: kyverno update to 2.6.5-bb.3
# Changelog Updates
## [2.6.5-bb.3] - 2023-03-13
### Changed
- Updated kubectl to v1.26.2
Kyverno Policies💣
- !2572: kyverno-policies update to 1.1.0-bb.3
# Changelog Updates
## [1.1.0-bb.3] - 2023-03-04
### Changed
- ironbank/opensource/kubernetes/kubectl updated from v1.26.1 to v1.26.2
Loki💣
- !2585: loki update to 4.8.0-bb.0
# Changelog Updates
## [4.8.0-bb.0] - 2022-03-14
### Changed
- Update loki from 2.7.3 -> 2.7.4
- Update kubectl from 1.26.1 -> 1.26.2
- Update nginx from 1.23.2 -> 1.23.3
- Update minio from 4.5.4-bb.2 -> 4.5.4-bb.3
Neuvector💣
- !2605: Neuvector duplicate manager block fix
- !2601: Neuvector fixes for metrics, SSO, istio
- !2593: neuvector update to 2.4.2-bb.4
- !2564: Enable mTLS for Neuvector metrics
- !2558: neuvector update to 2.4.2-bb.1
# Changelog Updates
## [2.4.2-bb.5] - 2023-03-22
### Changed
- Added support for podAnnotations on exporter
- Added network policy for updater kube api egress
- Add controller checksum for init config
## [2.4.2-bb.4] - 2023-03-14
### Changed
- Fixed pod termination issue caused by istio sidecar injection
## [2.4.2-bb.3] - 2023-03-10
### Changed
- Enable mTLS for metrics
## [2.4.2-bb.1] - 2023-03-3
### Added
- Integrated istio
Monitoring💣
- !2590: monitoring update to 43.1.2-bb.4
# Changelog Updates
## [43.1.2-bb.4] - 2022-03-15
### Added
- Updated chart name to monitoring
Argocd💣
- !2577: argocd update to 5.22.1-bb.2
# Changelog Updates
## [5.22.1-bb.2] - 2023-03-14
### Updated
- Updates Kpt file for `argocd-apps` to match 0.x.x format
## [5.22.1-bb.1] - 2023-03-01
### Updated
- Adds `argocd-apps` as a subchart of ArgoCD
Gitlab💣
# Changelog Updates
## [6.9.2-bb.1] - 2023-03-21
### Changed
- Corrected conditionals on Chart.yaml image annotations
## [6.9.2-bb.0] - 2023-03-13
### Changed
- Updated to helm chart to 6.9.2 and appVersion to 15.9.2
- ironbank/gitlab/gitlab/gitlab-webservice minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/alpine-certificates minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages minor 15.7.3 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse minor 15.8.2 -> 15.9.2
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl minor 15.8.2 -> 15.9.2
Mattermost💣
- !2570: mattermost update to 7.8.1-bb.0
# Changelog Updates
## [7.8.1-bb.0] - 2023-03-07
### Changed
- ironbank/opensource/mattermost/mattermost updated from 7.8.0 to 7.8.1
Velero💣
- !2565: velero update to 3.1.2-bb.2
# Changelog Updates
## [3.1.2-bb.2]
### Changed
- Updated nginx to `1.23.3` and kubectl to `1.26.2`
Metrics Server💣
- !2578: metrics-server update to 3.8.4-bb.0
# Changelog Updates
## [3.8.4-bb.0]
### Added
- Updated helm chart version. Upstream changes do not apply.
Known Issues💣
- On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future💣
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.