Changelog📜
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[0.25.0-bb.30] - 2024-05-21📜
Added📜
- Update grafana dashboard to use
piechart
instead of brokengrafana-piechart-panel
[0.25.0-bb.29] - 2024-05-21📜
Added📜
- gluon 0.4.9 -> 0.4.10
- registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s v1.4.0 -> v1.4.1
[0.25.0-bb.28] - 2024-05-08📜
removed📜
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar
[0.25.0-bb.27] - 2024-05-01📜
Added📜
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar
[0.25.0-bb.26] - 2024-04-26📜
Added📜
- registry1.dso.mil/ironbank/hashicorp/vault-csi-provider v1.4.1 -> v1.4.2
[0.25.0-bb.25] - 2024-04-25📜
Changed📜
- Fixed bug with Prometheus datasource returning no data
[0.25.0-bb.24] - 2024-04-24📜
Removed📜
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar
[0.25.0-bb.24] - 2024-04-24📜
Removed📜
- Sidecar to deny egress that is external to istio services
- customServiceEntries to allow egress to override sidecar
[0.25.0-bb.23] - 2024-04-09📜
Added📜
- Added the ability to deploy additional custom NetworkPolicy objects via override values (see chart/templates/bigbang/additional-networkpolicies.yaml)
[0.25.0-bb.22] - 2024-03-09📜
Changed📜
- Updated to gluon to 4.9
[0.25.0-bb.21] - 2024-03-19📜
changed📜
- Adding Sidecar to deny egress that is external to istio services
- Adding customServiceEntries to allow egress to override sidecar
[0.25.0-bb.20] - 2024-03-15📜
Updated📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s 1.3.1 -> v1.4.0
[0.25.0-bb.19] - 2024-03-13📜
Updated📜
- Added value for openshift defaulting to false in values.yaml
[0.25.0-bb.18] - 2024-03-11📜
Updated📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.14.9 -> 1.14.10
[0.25.0-bb.17] - 2024-03-04📜
Changed📜
- Openshift update for deploying Vault into Openshift cluster
[0.25.0-bb.16] - 2024-03-04📜
Changed📜
- Updated minio-instance to 5.0.12-bb.2
[0.25.0-bb.15] - 2024-02-22📜
Changed📜
- Updated to gluon to 4.8
[0.25.0-bb.14] - 2024-02-05📜
Updated📜
- renamed allow-api-access policy
[0.25.0-bb.13] - 2024-02-02📜
Updated📜
- allow-api-access policy
[0.25.0-bb.12] - 2024-02-02📜
Updated📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.14.8 -> 1.14.9
[0.25.0-bb.11] - 2024-01-18📜
Updated📜
- allow-intranamespace policy
- allow-nothing-policy
- ingressgateway-authz-policy
- monitoring-authz-policy
- promtail-authz-policy
- template for adding user defined policies
- enabling hardening during testing
[0.25.0-bb.10] - 2023-11-21📜
Updated📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.14.6 -> 1.14.8
[0.25.0-bb.9] - 2024-01-17📜
Changed📜
- Updated to gluon to 4.7 allowing consumers to implement custom scripts
- Updated Minio to 5.0.11-bb.2
[0.25.0-bb.8] - 2023-12-28📜
Changed📜
- Updated
values.yaml
to configure Vault TLS configuration based onglobal.tlsDiable
,istio.vault.tls.key
, andistio.vault.tls.cert
- Updated Developer Documentation to provide guidance for configuring Vault with a
PASSTHROUGH
istio gateway
[0.25.0-bb.7] - 2023-12-14📜
Changed📜
- Increased Cypress test resources
[0.25.0-bb.6] - 2023-12-12📜
Changed📜
- Updated gluon 0.4.4 -> 0.4.5
[0.25.0-bb.5] - 2023-11-21📜
Updated📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.14.2 -> 1.14.6
- Updated registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s 1.3.0 -> 1.3.1
- Updated gluon 0.4.1 -> 0.4.4
- Updated minio-instance 5.0.9-bb.2 -> 5.0.10-bb.2
- Updated registry1.dso.mil/ironbank/big-bang/base 2.0.0 -> 2.1.0
[0.25.0-bb.4] - 2023-10-11📜
Updated📜
- Updated OSCAL version from 1.0.0 to 1.1.1
[0.25.0-bb.3] - 2023-10-03📜
Changed📜
- Added resiliency to auto unseal job
[0.25.0-bb.2] - 2023-10-02📜
Changed📜
- Updated minio-instance 5.0.3-bb.2 -> 5.0.9-bb.2
[0.25.0-bb.1] - 2023-09-19📜
Changed📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault/vault-k8s 1.2.1 -> 1.3.0
- Updated gluon 0.4.0 -> 0.4.1
- Updated Cypress files
[0.25.0-bb.0] - 2023-09-12📜
Changed📜
- Updated registry1.dso.mil/ironbank/hashicorp/vault 1.13.1 -> 1.14.2
- Updated minio-instance 4.5.4-bb.2 -> 5.0.3-bb.2
- Updated gluon 0.3.2 -> 0.4.0
[0.24.1-bb.3] - 2023-08-18📜
Changed📜
- Adding proxyMetadata to Vault init job
[0.24.1-bb.2] - 2023-08-15📜
Changed📜
- Adding service entry for Vault and monitoring to connect to Vault
[0.24.1-bb.1] - 2023-05-30📜
Changed📜
- Fix VAULT_ADDR in autoInit job configMap
[0.24.1-bb.0] - 2023-05-08📜
Changed📜
vault
updated to 1.13.1vault-k8s
updated to 1.2.1vault-csi-provider
updated to v1.4.0
[0.23.0-bb.5] - 2023-04-19📜
Changed📜
vault-csi-provider
updated to v1.3.0
[0.23.0-bb.4] - 2023-04-04📜
Changed📜
vault
updated to 1.12.5vault-k8s
updated to 1.2.0
[0.23.0-bb.3] - 2022-03-22📜
Changed📜
vault
updated to 1.12.4
[0.23.0-bb.2] - 2022-01-18📜
Changed📜
- remove bogus leader-elector image from values
- change vault-csi-provider image to Iron Bank image
[0.23.0-bb.1] - 2022-01-17📜
Changed📜
- Update gluon to new registry1 location + latest version (0.3.2)
[0.23.0-bb.0] - 2022-12-28📜
Updated📜
vault
updated to 1.12.1 GH-814vault-k8s
updated to 1.1.0 GH-814vault-csi-provider
updated to 1.2.1 GH-814
[0.22.1-bb.3] - 2022-12-19📜
Updated📜
- Migrated minio dep to OCI repository
[0.22.1-bb.2] - 2022-12-02📜
Updated📜
- Update Vault to appVersion
1.12.1
,vault-k8s
to1.1.0
- Updated gluon to
0.3.1
- update Minio dependency to
4.5.4-bb.2
[0.22.1-bb.1] - 2022-11-16📜
Updated📜
- Fixed security context capability violations
[0.22.1-bb.0] - 2022-11-22📜
Updated📜
- Update Vault to appVersion
1.12.0
helm chart version0.22.1
,vault-k8s
to1.0.1
- Updated gluon to
0.3.1
- update Minio dependency to
4.5.4-bb.0
[0.22.0-bb.4] - 2022-11-14📜
Updated📜
- Updated minio dependency chart to
4.5.3-bb.1
[0.22.0-bb.3] - 2022-10-07📜
Removed📜
- Removed metric monitoring exception for Istio PeerAuthentication resource
[0.22.0-bb.2] - 2022-09-28📜
Updated📜
- Enhance Renovate functionality
[0.22.0-bb.1] - 2022-09-28📜
Added📜
- Added
oscal-component.yaml
file to project root w/ implemented requirements against NIST 800-53
[0.22.0-bb.0] - 2022-09-21📜
Updated📜
- Update Vault to appVersion
1.11.3
helm chart version0.22.0
,vault-k8s
to1.0.0
[0.21.0-bb.0] - 2022-08-12📜
Updated📜
- Updated
vault
to1.11.2
,vault-k8s
to0.17.0
[0.20.1-bb.4] - 2022-07-11📜
Changed📜
- Added configurable PVC size for dev/testing
[0.20.1-bb.3] - 2022-07-07📜
Updated📜
- Updated vault to v1.11.0 and minio to 4.4.16-bb.0
[0.20.1-bb.2] - 2022-06-28📜
Changed📜
- Updated bb base image to 2.0.0
- Updated gluon to 0.2.10
[0.20.1-bb.1] - 2022-06-27📜
Added📜
- added PeerAuthentication for autoInit job
[0.20.1-bb.0] - 2022-06-06📜
Updated📜
- Updated
vault-k8s
to1.16.1
,big-bang/base
to1.17.0
- Fixed
vault-plugin-secrets-oauthapp
link
[0.20.0-bb.2] - 2022-06-03📜
Updated📜
- Add mTLS PeerAuthentication policy
[0.20.0-bb.1] - 2022-05-23📜
Updated📜
- enable use of passthrough ingress gateway for CI pipeline
- Allow autoInit job to work with HA and passthrough TLS
[0.20.0-bb.0] - 2022-05-17📜
Updated📜
- Updated vault to 1.10.3 and big-bang/base to 1.16.0
- update to appVersion 1.10.3 chart version 0.20.0
[0.19.0-bb.9] - 2022-05-09📜
Updated📜
- Updated vault to 1.10.1 and big-bang/base to 1.2.0
[0.19.0-bb.8] - 2022-04-18📜
Updated📜
- Update Ironbank Docker tags:
vault
to1.10.0
andvault-k8s
to0.15.0
- Updated appVersion to
1.10.0
[0.19.0-bb.7] - 2022-04-11📜
Added📜
- Added production/operational documentation
- Add vault-tls secret template for passthrough ingress gateway
[0.19.0-bb.6] - 2022-03-29📜
Added📜
- Added Tempo Zipkin Egress Policy
[0.19.0-bb.5] - 2022-03-17📜
Added📜
- Hashicorp prometheus chart
- PROMETHEUS.md
Changed📜
- Changes to chart/templates/bigbang/autoUnsealAndInit/configmap-for-vault-init.yaml for creating vault resources
[0.19.0-bb.4] - 2022-03-10📜
Updated📜
- Update vault version to 1.9.4
[0.19.0-bb.3] - 2022-03-10📜
Changed📜
- Create documentation for SSO integration
[0.19.0-bb.2] - 2022-03-01📜
Changed📜
- Deleted upstream helm test to prevent BB CI failure
[0.19.0-bb.1] - 2022-02-28📜
Updated📜
- Update minio dependency chart to 4.4.10-bb.0
[0.19.0-bb.0] - 2022-02-25📜
Updated📜
- kpt updated helm chart to v0.19.0
[0.18.0-bb.8] - 2022-02-21📜
Updated📜
- Update vault version to 1.9.3
[0.18.0-bb.7] - 2022-02-16📜
Updated📜
- Update mino dependency chart to 4.4.3-bb.3
[0.18.0-bb.6] - 2022-02-03📜
Updated📜
- Update mino dependency chart to 4.4.3-bb.2
[0.18.0-bb.5] - 2022-01-31📜
Changed📜
- Update Chart.yaml to follow new standardization for release automation
[0.18.0-bb.4] - 2022-01-10📜
Changed📜
- Changed egress-metadata.yaml to only deploy on condition the server config contains “awskms”
[0.18.0-bb.3] - 2021-12-21📜
Changed📜
- Changed egress-vault networkpolicy to not check for
networkPolicies.controlPlaneCidr
but new valuenetworkPolicies.vpcCidr
[0.18.0-bb.2] - 2021-12-15📜
Changed📜
- Changed network policies to be more restrictive
[0.18.0-bb.1] - 2021-12-13📜
Added📜
- Networkpolicy to allow ingress for service calls and agent-injector
- Store full output of the initial vault init in the vault-token secret
- More documentation for bigbang and vault
[0.18.0-bb.0] - 2021-12-10📜
Changed📜
- Update vault upstream chart
[0.16.1-bb.3] - 2021-12-7📜
Changed📜
- Added conditional to run autoinit job only on install
- Changed affinity to
preferredDuringScheduling
in test values for CI package pipeline
[0.16.1-bb.2] - 2021-11-29📜
Added📜
- Security context for init job
[0.16.1-bb.1] - 2021-11-15📜
Changed📜
- Vault images for job and agent match
- Resources and Requests match for Guaranteed QoS
[0.16.1-bb.0] - 2021-08-27📜
Changed📜
- Vault helm chart added and configured to work with other BigBang apps, libraries and pipelines
Last update:
2024-05-21 by Jacob Kershaw