Release Notes - 2.11.0💣
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.26.3 (RKE2).
Upgrade Notices💣
Upgrades from previous releases💣
If coming from a version pre-2.10.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.10.0
.
Twistlock:
- Twistlock updates to tag
0.13.0-bb.0
app version30.02.123
and as a resultdefender
options have changed.defender.cri.enabled
is no longer an option and instead you must setdefender.containerRuntime
to one ofdocker
,containerd
orcrio
with the package default beingcontainerd
. If you had the default ofdefender.cri.enabled
before there will be no changes needed. - Before upgrading to
v30
you must have upgraded to22.12
first, upgrades from22.06
are not supported.22.12
has been included in BigBang since1.57.0
.
ArgoCD:
- ArgoCD updated to
5.45.2-bb.0
Argo versionv2.8.2
and as a result many package values changed: - Number of replicas defined for
applicationSet
controller is nowreplicas: X
instead ofreplicaCount: X
configs.repositoryCredentials
is now configured asconfigs.credentialTemplates
server.enable.gzip
now defaults totrue
Mattermost:
- Beginning with Mattermost BigBang version
8.1.0-bb.1
when SSO is enabled, other login methods are hidden. If you wish to use an email or username to log in, or re-enable email (non-SSO) sign up, the following values can be overriden:
addons:
mattermost:
sso:
enable_sign_up_with_email: true
enable_sign_in_with_email: true
enable_sign_in_with_username: true
Packages💣
Package | Type | Package Version | BB Version |
---|---|---|---|
Istio Controlplane | Core | Istio 1.18.2 Tetrate Istio Distro 1.18.2 |
1.18.2-bb.1 |
Istio Operator | Core | Istio Operator 1.18.2 Tetrate Istio Distro Operator 1.18.2 |
1.18.2-bb.0 |
Jaeger | Core | 1.46.0 |
2.46.0-bb.2 |
Kiali | Core | 1.71.0 |
1.71.0-bb.1 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.7 |
Gatekeeper | Core | 3.12.0 |
3.12.0-bb.4 |
Kyverno | Core | 1.9.2 |
2.7.2-bb.0 |
Kyverno Policies | Core | 1.1.0 |
1.1.0-bb.10 🔗 |
Kyverno Reporter | Core | 2.10.4 |
2.16.0-bb.3 🔗 |
Elasticsearch Kibana | Core | Kibana 8.7.1 Elasticsearch 8.7.0 |
1.3.1-bb.1 |
Eck Operator | Core | 2.8.0 |
2.8.0-bb.0 |
Fluentbit | Core | 2.1.8 |
0.37.0-bb.0 |
Promtail | Core | 2.8.4 |
6.15.0-bb.0 |
Loki | Core | 2.8.4 |
5.15.0-bb.0 |
Neuvector | Core | 5.1.3 |
2.4.5-bb.5 🔗 |
Tempo | Core | Tempo 2.2.2 Tempo Query 2.2.2 |
1.6.1-bb.0 🔗 |
Monitoring | Core | Prometheus 2.46.0 Grafana 10.0.2 Alertmanager 0.25.0 |
48.3.1-bb.0 |
Grafana | Core | 10.0.3 |
6.58.9-bb.3 |
Twistlock | Core | 30.02.123 |
0.13.0-bb.0 🔗 |
Wrapper | Core | N / A | 0.4.1 |
Argocd | Addon | 2.8.2 |
5.45.2-bb.0 🔗 |
Authservice | Addon | 0.5.3 |
0.5.3-bb.17 🔗 |
Minio Operator | Addon | 5.0.5 |
5.0.5-bb.0 |
Minio | Addon | RELEASE.2023-06-19T19-52-50Z |
5.0.5-bb.0 |
Gitlab | Addon | 16.3.1 |
7.3.1-bb.0 🔗 |
Gitlab Runner | Addon | 15.11.0 |
0.52.0-bb.4 🔗 |
Nexus | Addon | 3.53.1-02 |
53.1.0-bb.1 |
Sonarqube | Addon | 9.9.1-community |
8.0.1-bb.4 |
Fortify | Addon | 23.1.2.0005 |
0.2.0-bb.14 |
Haproxy | Addon | 2.2.21 |
1.12.0-bb.1 |
Anchore Enterprise | Addon | Enterprise 4.8.0 Engine 1.1.0 |
1.26.1-bb.0 |
Mattermost Operator | Addon | 1.20.1 |
1.20.1-bb.0 |
Mattermost | Addon | 8.1.2 |
8.1.2-bb.0 🔗 |
Velero | Addon | 1.11.1 |
5.0.2-bb.1 🔗 |
Keycloak | Addon | 21.1.1 |
18.4.3-bb.4 🔗 |
Vault | Addon | 1.13.1 |
0.25.0-bb.0 🔗 |
Metrics Server | Addon | 0.6.3 |
3.10.0-bb.0 |
Harbor | Addon | 2.8.4 |
1.12.4-bb.0 |
Changes in 2.11.0💣
Big Bang MRs💣
- !3111: Moving fortify
- !3017: Add Fortify to packages.md
- !3027: Add Fortify Charts To BB Main Repo
- !3096: fix: ips conditionals for logging
- !3122: fix: packages registry secret logic
- !3024: Resolve “Add Global Promethus Label Based ExtraScrapeConfig”
- !3066: Corrected path to quickstart.md in flux.md
Kyverno Policies💣
- !3078: exclude istio-init containers from require-non-root-group
# Changelog Updates
## [1.1.0-bb.10] - 2023-08-29
### Added
- precondition support for excluding istio-init containers from require-group policy
Kyverno Reporter💣
- !3114: kyvernoReporter update to 2.16.0-bb.3
# Changelog Updates
## [2.16.0-bb.3] - 2023-9-14
### Changed
- Made test resources conditional on bbtests.enabled
## [2.16.0-bb.2] - 2023-08-30
### Changed
- Updated Prometheus Cypress Test to work with updated UI
- Added Grafana as a dependency to Cypress Test
Neuvector💣
- !3075: add support for sso.certificateAuthority to neuvector
# Changelog Updates
## [2.4.5-bb.5]
### Added
- Add ability to pass in a sso certificate authority secret with `sso.certificateAuthority.secret`.
Tempo💣
# Changelog Updates
## [1.6.1-bb.0] - 2022-09-13
### Changed
- Bumped chart version to 1.6.1
- Bumped images tag to 2.2.2
## [1.2.0-bb.7] - 2022-08-29
### Changed
- Fixed Cypress test in the BigBang pipeline
## [1.2.0-bb.6] - 2022-08-28
### Changed
- Cypress modernization updates
- Updated gluon to 0.4.0
- Added npm package files, updated cypress file sturcture and file names to meet cypress 12.x requirements
Twistlock💣
- !3107: twistlock update to 0.13.0-bb.0
# Changelog Updates
## [0.13.0-bb.0] - 2023-09-01
### Changed
- ironbank/twistlock/console/console updated from 22.12.415 to 30.02.123
- ironbank/twistlock/defender/defender updated from 22.12.415 to 30.02.123
Argocd💣
# Changelog Updates
## [5.45.2-bb.0] - 2023-09-08
### Updated
- Updated to Argo 2.8.2
## [5.42.2-bb.1] - 2023-08-30
### Updated
- Refactored Cypress test to improve readability and maintainability
- Removed frequent use of waits and reloads
- Updated to work properly with KeyCloak enabled
Authservice💣
# Changelog Updates
## [0.5.3-bb.17] - 2023-09-14
### Fixed
- Fixed an issue with the `global.certificate_authority` value and the system CA bundle.
## [0.5.3-bb.16]
### Changed
- Added optional trigger-rules configuration.
Gitlab💣
- !3125: gitlab update to 7.3.1-bb.0
# Changelog Updates
## [7.3.1-bb.0] - 2023-09-12
### Changed
- registry1.dso.mil/ronbank/gitlab/gitlab/gitlab-webservice 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl 16.3.0 -> 16.3.1
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.52.0 -> v1.54.0
## [7.3.0-bb.2] - 2023-08-28
### Changed
- Changed Cypress tests to allow for SSO testing.
Gitlab Runner💣
# Changelog Updates
## [0.52.0-bb.4] - 2023-09-07
### Changed
- Update podSecurityContext for runner config
## [0.52.0-bb.3] - 2023-08-31
### Changed
- Update configmap to work if runAsNonRoot is set
Mattermost💣
# Changelog Updates
## [8.1.2-bb.0] - 2023-09-11
### Changed
- ironbank/opensource/mattermost/mattermost updated from 8.1.0 to 8.1.2
## [8.1.0-bb.1]
### Changed
- Hide sign up and sign in forms by default when sso is enabled.
- Sign up and sign in forms can be enabled, even when sso is enabled, with new values.yaml settings.
## [8.1.0-bb.0] - 2023-08-26
### Changed
- ironbank/opensource/mattermost/mattermost updated from 8.0.1 to 8.1.0
- ironbank/opensource/postgres/postgresql12 updated from 12.15 to 12.16
## [8.0.1-bb.3] - 2023-08-18
### Changed
- Setting new variable for cypress test timeout
- If no value is given it will use default timeout value.
## [8.0.1-bb.2] - 2023-08-17
### Changed
- Updated Cypress tests to allow for SSO login
Velero💣
# Changelog Updates
## [5.0.2-bb.1]
### Changed
- added Kopia integration volumes into the node-agent Daemonset and the Velero Deployment
## [5.0.2-bb.0]
### Changed
- ironbank/opensource/nginx/nginx 1.23.3 -> 1.25.1
- registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.26.4 -> 1.27.4
- registry1.dso.mil/ironbank/opensource/velero/velero v1.11.0 -> v1.11.1
- registry1.dso.mil/ironbank/opensource/velero/velero 1.11.0 -> 1.11.1
- registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-aws v1.7.0 -> v1.7.1
- registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-csi v0.5.0 -> v0.5.1
- registry1.dso.mil/ironbank/opensource/velero/velero-plugin-for-microsoft-azure v1.7.0 -> v1.7.1
- velero/velero-plugin-for-aws v1.7.0 -> v1.7.1
- velero/velero-plugin-for-csi v0.5.0 -> v0.5.1
- velero/velero-restore-helper v1.11.0 -> v1.11.1
Keycloak💣
- !3095: keycloak update to 18.4.3-bb.4
# Changelog Updates
## [18.4.3-bb.4] - 2023-09-12
### Updated
- Fixed a broken link in the docs
Vault💣
- !3099: vault update to 0.25.0-bb.0
# Changelog Updates
## [0.25.0-bb.0] - 2023-09-12
### Changed
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.13.1 -> 1.14.2
- Updated minio-instance 4.5.4-bb.2 -> 5.0.3-bb.2
- Updated gluon 0.3.2 -> 0.4.0
Known Issues💣
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future💣
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.