Skip to content

Release Notes - 2.27.0📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.27.6 (RKE2).

Upgrade Notices📜

Upgrades from previous releases📜

If coming from a version pre-2.26.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.26.0.

Packages📜

Package Type Package Version BB Version
Updated Istio Controlplane Core Istio 1.21.1 Tetrate Istio Distro 1.21.1 1.21.1-bb.1 🔗
Updated Istio Operator Core Istio Operator 1.21.2 Tetrate Istio Distro Operator 1.21.1 1.21.1-bb.0 🔗
Jaeger Core 1.56.0 2.53.0-bb.1
Updated Kiali Core 1.84.0 1.84.0-bb.0 🔗
Updated Cluster Auditor Core 0.0.7 1.5.0-bb.16 🔗
Gatekeeper Core 3.15.1 3.15.0-bb.7
Kyverno Core 1.11.4 3.1.4-bb.8
Updated Kyverno Policies Core 3.0.4 3.0.4-bb.30 🔗
Kyverno Reporter Core 2.18.0 2.22.4-bb.3
Updated Elasticsearch Kibana Core Kibana 8.13.2 Elasticsearch 8.13.2 1.14.0-bb.1 🔗
Updated Eck Operator Core 2.12.1 2.12.1-bb.1 🔗
Updated Fluentbit Core 3.0.3 0.46.5-bb.0 🔗
Updated Promtail Core 2.9.4 6.15.5-bb.5 🔗
Updated Loki Core 2.9.6 5.47.2-bb.4 🔗
Updated Neuvector Core 5.3.2 2.7.6-bb.1 🔗
Updated Tempo Core Tempo 2.3.0-ubi9 Tempo Query 2.3.1 1.7.1-bb.8 🔗
Updated Monitoring Core Prometheus 2.52.0 Grafana 10.4.2 Alertmanager 0.27.0 58.5.1-bb.0 🔗
Updated Grafana Core 10.4.2 7.3.9-bb.2 🔗
Twistlock Core 32.01.128 0.15.0-bb.7
Wrapper Core N / A 0.4.7
Updated Argocd Addon 2.10.7 6.7.15-bb.3 🔗
Updated Authservice Addon 1.0.0 1.0.0-bb.1 🔗
Minio Operator Addon 5.0.14 5.0.14-bb.2
Updated Minio Addon RELEASE.2024-05-01T01-11-10Z 5.0.12-bb.13 🔗
Updated Gitlab Addon 16.11.1 7.11.1-bb.2 🔗
Updated Gitlab Runner Addon 16.10.0 0.63.0-bb.6 🔗
Updated Nexus Addon 3.67.1-01 67.1.0-bb.4 🔗
Updated Sonarqube Addon 9.9.4-community 8.0.4-bb.4 🔗
Fortify Addon 23.2.0.0154 1.1.2320154-bb.5
Updated Haproxy Addon 2.2.33 1.19.3-bb.5 🔗
Updated Anchore Enterprise Addon 5.4.1 2.4.2-bb.14 🔗
Updated Mattermost Operator Addon 1.21.0 1.21.0-bb.1 🔗
Mattermost Addon 9.7.3 9.7.3-bb.1
Velero Addon 1.13.1 6.0.0-bb.5
Updated Keycloak Addon 23.0.7 23.0.7-bb.6 🔗
Updated Vault Addon 1.14.10 0.25.0-bb.28 🔗
Metrics Server Addon 0.7.1 3.12.1-bb.1
Updated Harbor Addon 2.10.2 1.14.2-bb.5 🔗
Updated Holocron Addon 3.3.0 1.0.6 🔗
Thanos Addon 0.34.1 13.2.2-bb.4

Changes in 2.27.0📜

Big Bang MRs📜

  • !4362: update helm release API version
  • !4313: Update Flux
  • !4150: Update registry1.dso.mil/ironbank/fluxcd/source-controller Docker tag to v1.2.5
  • !4179: Enforce restrict capabilities
  • !4277: update wording in doc
  • !4238: Update aws-k3d-script.md to reflect updated output of k3d-dev.sh -h command
  • !4160: Update policy-enforcement.md

Istio Controlplane📜

  • !4325: istio update to 1.21.1-bb.1
  • !4270: istio update to 1.20.4-bb.3
# Changelog Updates

## [1.21.1-bb.1] - 2024-05-13
### Removed
- Removed native sidecar support because we have to support 1.27.x

## [1.21.1-bb.0] - 2024-05-03
### Changed
- ironbank/opensource/istio/install-cni updated from 1.20.4 to 1.21.1
- ironbank/opensource/istio/pilot updated from 1.20.4 to 1.21.1
- ironbank/opensource/istio/proxyv2 updated from 1.20.4 to 1.21.1
- ironbank/tetrate/istio/install-cni updated from 1.20.4 to 1.21.1
- ironbank/tetrate/istio/pilot updated from 1.20.4 to 1.21.1
- ironbank/tetrate/istio/proxyv2 updated from 1.20.4 to 1.21.1

## [1.20.4-bb.3] - 2024-05-02
### Added
- Added custom network policies

## [1.20.4-bb.2] - 2024-04-23
### Added
- Added native sidecar support

Istio Operator📜

  • !4281: istioOperator update to 1.21.1-bb.0
  • !4240: istioOperator update to 1.20.4-bb.1
# Changelog Updates

## [1.21.1-bb.0] - 2024-05-03
### Changed
- Updated repo1 image to `1.21.1`
- Updated TID image to `1.21.1`

Kiali📜

  • !4324: kiali update to 1.84.0-bb.0
  • !4316: kiali update to 1.83.0-bb.0
# Changelog Updates

## [1.84.0-bb.0] - 2024-05-10
### Changed
- Updated Kiali to v1.84.0
- Updated registry1.dso.mil/ironbank/opensource/kiali/kiali-operator to 1.84.0

## [1.83.0-bb.0] - 2024-05-08
### Changed
- Updated Kiali to v1.83.0
- Updated registry1.dso.mil/ironbank/opensource/kiali/kiali-operator to 1.83.0

Cluster Auditor📜

  • !4289: clusterAuditor update to 1.5.0-bb.16
# Changelog Updates

## [1.5.0-bb.16] - 2024-04-24
### Added
- Add support for additional custom network policies through the values yaml

Kyverno Policies📜

  • !4359: Update Kyverno Policies to add neuvector-controller-pod
  • !4296: kyvernoPolicies update to 3.0.4-bb.30
# Changelog Updates

## [3.0.4-bb.30] - 2024-05-03
### Changed
- gluon updated from 0.4.8 to 0.5.0
- ironbank/opensource/kubernetes/kubectl updated from v1.29.3 to v1.29.4
- ironbank/redhat/ubi/ubi9-minimal updated from 9.3 to 9.4

Elasticsearch Kibana📜

  • !4245: elasticsearchKibana update to 1.14.0-bb.1
# Changelog Updates

## [1.14.0-bb.1] - 2024-04-29
### Added
- Support for delivering custom network policies via values yaml

Eck Operator📜

  • !4243: eckOperator update to 2.12.1-bb.1
# Changelog Updates

## [2.12.1-bb.1] - 2024-04-24
### Added
- Support for custom network policy definition via values yaml

Fluentbit📜

  • !4318: fluentbit update to 0.46.5-bb.0
  • !4290: Update fluentbit tag 0.46.2 bb.2
  • !4244: fluentbit update to 0.46.2-bb.1
# Changelog Updates

## [0.46.5-bb.0] - 2024-05-08
### Added
- Gluon 0.4.9 -> 0.5.0
- fluent-bit 3.0.2 -> 3.0.3
- configmap-reload v0.12.0 -> v0.13.0

## [0.46.2-bb.2] - 2024-05-02
### Added
- Drop unnecessary labels for Loki 3.0 support

## [0.46.2-bb.1] - 2024-04-29
### Added
- Support for custom network policies via values yaml

Promtail📜

  • !4267: promtail update to 6.15.5-bb.5
# Changelog Updates

## [6.15.5-bb.5] - 2024-05-01
### Added
- Drop unnecessary labels for Loki 3.0 support

Loki📜

  • !4299: loki update to 5.47.2-bb.4
  • !4294: loki update to 5.47.2-bb.3
# Changelog Updates

## [5.47.2-bb.4] - 2024-05-07
### Fixed
- Match minIO chart version to it's pinned image

## [5.47.2-bb.3] - 2024-05-06
### Added
- Disabled anonymous usage statistics

Neuvector📜

  • !4359: Update Kyverno Policies to add neuvector-controller-pod
  • !4304: neuvector update to 2.7.6-bb.1
  • !4208: SKIP UPGRADE neuvector update to 2.7.6-bb.0
# Changelog Updates

## [2.7.6-bb.1] - 2024-05-05
### Changed
- Updated registry1.dso.mil/ironbank/neuvector/neuvector/prometheus-exporter from 5.3.0 to 5.3.2

## [2.7.6-bb.0] - 2024-04-14
### Changed
- Updated registry1.dso.mil/ironbank/neuvector/neuvector/controller from 5.3.0 to 5.3.2
- Updated registry1.dso.mil/ironbank/neuvector/neuvector/enforcer from 5.3.0 to 5.3.2
- Updated registry1.dso.mil/ironbank/neuvector/neuvector/manager from 5.3.0 to 5.3.2

Tempo📜

  • !4301: tempo update to 1.7.1-bb.8
# Changelog Updates

## [1.7.1-bb.8] - 2024-05-07
### Changed
- Disable anonymous reporting to Grafana Labs

Monitoring📜

  • !4338: monitoring update to 58.5.1-bb.0
  • !4319: monitoring update to 58.4.1-bb.0
  • !4295: monitoring update to 58.3.3-bb.0
  • !4256: monitoring update to 58.3.1-bb.0
# Changelog Updates

## [58.5.1-bb.0] - 2024-05-14
### Updated
- Updated Prometheus: 2.51.2 -> 2.52.0

## [58.4.1-bb.0] - 2024-05-09
### Updated
- kiwigrid/k8s-sidecar 1.26.1 -> 1.26.2
- thanos/thanos v0.34.1 -> v0.35.0
- prometheus/node_exporter 4.33.* -> 4.34.*

## [58.3.3-bb.0] - 2024-05-03
### Updated
- Updated Gluon: 0.4.10 -> 0.5.0
- Updated prometheus/node-exporter: v1.7.0 -> v1.8.0
- Updated ubi9-minimal 9.3 -> 9.4

## [58.3.1-bb.0] - 2024-05-01
### Updated
- Updated kubectl: 1.29.4
- Updated prometheus-config-reloader: v0.73.2
- Updated prometheus-operator: v0.73.2
- Updated prometheus-node-exporter: 4.33.0

Grafana📜

  • !4320: grafana update to 7.3.9-bb.2
  • !4315: grafana update to 7.3.9-bb.1
# Changelog Updates

## [7.3.9-bb.2] - 2024-05-09
### Changed
- Use ironbank `bats` image

## [7.3.9-bb.1] - 2024-05-08
### Changed
- Disable anonymous reporting to Grafana Labs

Argocd📜

  • !4305: argocd update to 6.7.15-bb.3
  • !4261: argocd update to 6.7.15-bb.2
# Changelog Updates

## [6.7.15-bb.3] - 2024-05-03
### Changed
- Updated gluon from 0.4.10 -> 0.5.0

## [6.7.15-bb.2] - 2024-04-30
### Changed
- Update securityContext for guestbook-ui

Authservice📜

  • !4249: authservice update to 1.0.0-bb.1
# Changelog Updates

## [1.0.0-bb.1] - 2024-04-29
### Added
- Added the ability to deploy additional network policies from the values yaml

Minio📜

  • !4303: minio update to 5.0.12-bb.13
# Changelog Updates

## [5.0.12-bb.13] - 2024-05-07
### Changed
- Updated gluon to 0.5.0
- Updated minio to `RELEASE.2024-05-01T01-11-10Z`
- Updated mc to `RELEASE.2024-04-29T09-56-05Z`

Gitlab📜

  • !4288: gitlab update to 7.11.1-bb.2
  • !4269: gitlab update to 7.11.0-bb.1
  • !4258: gitlab update to 7.11.0-bb.0
# Changelog Updates

## [7.11.1-bb.2] - 2024-05-15
### Changed
- Changed the istio sidecar inject back to false so gitlab can come up

## [7.11.1-bb.1] - 2024-05-13
### Removed
- Removed the kubeversion from chart

## [7.11.1-bb.0] - 2024-05-03
### Changed
- Update ironbank/gitlab/gitlab/gitlab-webservice 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl 16.11.0 -> 16.11.1
- Update registry1.dso.mil/ironbank/redhat/ubi/ubi9 9.3 -> 9.4

Gitlab Runner📜

  • !4336: bump gitlab runner to bb.6
  • !4259: gitlabRunner update to 0.63.0-bb.5
# Changelog Updates

## [0.63.0-bb.6] - 2024-05-01
### Added
- Added Istio Authorization Policies Support

## [0.63.0-bb.5] - 2024-04-29
### Added
- Templates for Istio Sidecars and ServiceEntries, IstioHardened.md doc, values update

Nexus📜

  • !4314: nexusRepositoryManager update to 67.1.0-bb.4
  • !4254: nexusRepositoryManager update to 67.1.0-bb.3
# Changelog Updates

## [67.1.0-bb.4] - 2024-05-01
### Added
- Templates for Istio Sidecars and ServiceEntries, IstioHardened.md doc, values update

## [67.1.0-bb.3] - 2024-04-29
### Added
- Add support for additional custom network policies through the values yaml

Sonarqube📜

  • !4266: sonarqube update to 8.0.4-bb.4
# Changelog Updates

## [8.0.4-bb.4] - 2024-04-29
### Added
- Added istio egress whitelist functionality

Haproxy📜

  • !4274: haproxy update to 1.19.3-bb.5
# Changelog Updates

## [1.19.3-bb.5] - 2024-05-06
### Added
- Updated HAProxy `v2.2.32` -> `v2.2.33`
- Remove `SKIP UPDATE CHECK` prefix

Anchore Enterprise📜

  • !4283: anchore update to 2.4.2-bb.14
  • !3892: Update anchore to include hardening for testing
  • !4262: anchore update to 2.4.2-bb.11
# Changelog Updates

## [2.4.2-bb.14] - 2024-05-03
### Changed
- Fixed db credential leaking in the ensure anchor db container

## [2.4.2-bb.12] - 2024-05-02
### Updated
- Added Sidecars, ServiceEntries, istiohardened doc, values update

## [2.4.2-bb.11] - 2024-04-30
### Changed
- Update kubeVersion constraints, set minimum kubeVersion and remove max version

Mattermost Operator📜

  • !4201: mattermostOperator update to 1.21.0-bb.1
# Changelog Updates

## [1.21.0-bb.1] - 2024-04-15
### Changed
- Added Istio Sidecar to restrict egress traffic to REGISTRY_ONLY
- Added Istio ServiceEntry to explicitly allow egress

Keycloak📜

  • !4302: keycloak update to 23.0.7-bb.6
  • !4250: keycloak update to 23.0.7-bb.5
# Changelog Updates

## [23.0.7-bb.6] - 2024-05-07
### Added
- Added allow-nothing-policy
- Added ingressgateway-authz-policy
- Added keycloak-postgres-policy
- Added template for adding user defined policies

## [23.0.7-bb.5] - 2024-04-22
### Added
- Added custom network policies

Vault📜

  • !4317: vault update to 0.25.0-bb.28
# Changelog Updates

## [0.25.0-bb.28] - 2024-05-08
### Removed
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar

## [0.25.0-bb.27] - 2024-05-01
### Added
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar

Harbor📜

  • !4322: harbor update to 1.14.2-bb.5
  • !4307: harbor update to 1.14.2-bb.3
# Changelog Updates

## [1.14.2-bb.5] - 2024-05-10
### Changed
- Set default `istio.mtls.mode` to STRICT

## [1.14.2-bb.4] - 2024-05-08
### Fixed
- Fixed harbor core annotation version

## [1.14.2-bb.3] - 2024-04-29
### Added
- Add istio egress whitelist functionality

Holocron📜

  • !4260: holocron update to 1.0.6
# Changelog Updates

## [1.0.6] - 2024-04-26
### Updated
- Updated postgresql application version to 15.6
- Updated gluon dependency to 0.4.10

Known Issues📜

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.