Skip to content

Release Notes - 2.33.0📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.29.3 (RKE2).

Upgrade Notices📜

  • Mattermost - MR:
    • If Istio native sidecars are disabled, you’ll need to set .values.addons.mattermost.values.database.readinessCheck.disableDefault to true in your values.yaml file
  • GitLab - MR)

Upgrades from previous releases📜

If coming from a version pre-2.32.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.32.0.

Packages📜

Package Type Package Version BB Version
Istio Controlplane Core Istio 1.22.3 Tetrate Istio Distro 1.22.3 1.22.3-bb.1
Istio Operator Core Istio Operator 1.22.3 Tetrate Istio Distro Operator 1.22.3 1.22.3-bb.0
Jaeger Core 1.57.0 2.54.0-bb.2
Kiali Core 1.87.0 1.87.0-bb.0
Updated Cluster Auditor Core 0.0.7 1.5.0-bb.21 🔗
Updated Gatekeeper Core 3.16.3 3.16.3-bb.1 🔗
Updated Kyverno Core 1.12.5 3.2.6-bb.0 🔗
Updated Kyverno Policies Core 3.2.5 3.2.5-bb.2 🔗
Updated Kyverno Reporter Core 2.20.1 2.24.0-bb.2 🔗
Updated Elasticsearch Kibana Core Kibana 8.14.1 Elasticsearch 8.14.1 1.17.0-bb.4 🔗
Eck Operator Core 2.13.0 2.13.0-bb.2
Updated Fluentbit Core 3.1.4 0.47.5-bb.1 🔗
Promtail Core 3.0.0 6.16.2-bb.1
Loki Core 3.1.0 6.7.1-bb.0
Updated Neuvector Core 5.3.3 2.7.7-bb.3 🔗
Updated Tempo Core Tempo 2.5.0 Tempo Query 2.5.0 1.10.1-bb.0 🔗
Updated Monitoring Core Prometheus 2.53.0 Grafana 11.1.0 Alertmanager 0.27.0 61.2.0-bb.4 🔗
Updated Grafana Core 11.1.0 8.3.6-bb.1 🔗
Updated Twistlock Core 32.03.125 0.16.0-bb.0 🔗
Wrapper Core N / A 0.4.10
Updated Argocd Addon 2.11.7 7.3.11-bb.0 🔗
Authservice Addon 1.0.1 1.0.1-bb.4
Updated Minio Operator Addon 5.0.16 5.0.16-bb.3 🔗
Minio Addon RELEASE.2024-06-04T19-20-08Z 5.0.16-bb.0
Updated Gitlab Addon 17.2.1 8.2.1-bb.0 🔗
Gitlab Runner Addon 17.1.0 0.66.0-bb.0
Updated Nexus Addon 3.70.1-02 70.1.0-bb.0 🔗
Sonarqube Addon 9.9.6-community 8.0.6-bb.2
Fortify Addon 24.2.0.0186 1.1.2320154-bb.15
Haproxy Addon 2.2.33 1.19.3-bb.7
Updated Anchore Enterprise Addon 5.8.0 2.9.0-bb.0 🔗
Updated Mattermost Operator Addon 1.22.0 1.22.0-bb.2 🔗
Updated Mattermost Addon 9.10.1 9.10.1-bb.0 🔗
Updated Velero Addon 1.14.0 6.7.0-bb.7 🔗
Updated Keycloak Addon 25.0.2 2.4.3-bb.3 🔗
Vault Addon 1.14.10 0.25.0-bb.38
Metrics Server Addon 0.7.1 3.12.1-bb.3
Harbor Addon 2.11.0 1.15.0-bb.0
Holocron Addon 3.3.2 1.0.11
Updated Thanos Addon 0.35.1 15.7.9-bb.6 🔗
External Secrets BETA Addon 0.9.18 0.9.18-bb.7

Changes in 2.33.0📜

Big Bang MRs📜

  • !4884: update to 1.30
  • !4874: update helmRepo api version to v1 from v1beta2
  • !4667: Resolve “Fixing Monitoring NS hardening consistency”
  • !4849: Adds Fortify information to the default credentials user guide
  • !4809: Add grafanaAlloy to values.schema.json
  • !4775: Resolve “Fix Kustomize for the Package”
  • !4754: Resolve “Enable driftDetection in flux”

Cluster Auditor📜

  • !4841: clusterAuditor update to 1.5.0-bb.21
  • !4797: clusterAuditor update to 1.5.0-bb.20
# Changelog Updates

## [1.5.0-bb.21] - 2024-07-30
### Changed
- Add pod labels required by Kiali

## [1.5.0-bb.20] - 2024-07-24
### Changed
- Removed redundant entries in package test-values.yaml already in package values.yaml

Gatekeeper📜

  • !4795: gatekeeper update to 3.16.3-bb.1
# Changelog Updates

## [3.16.3-bb.1] - 2024-07-11
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.29.5 -> v1.29.6

Kyverno📜

  • !4839: kyverno update to 3.2.5-bb.5
  • !4833: kyverno update to 3.2.5-bb.4
# Changelog Updates

## [3.2.6-bb.0] - 2024-07-30
### Changed
- Updated kyverno chart from `3.2.5` to `3.2.6` and app version from `v1.12.5` to `v1.12.5`
- Updated `kubectl` from `1.29.6` to `1.29.7`
- Updated `kyverno`, `background-controller`, `cleanup-controller`, `reports-controller`, `kyvernopre`  from `v1.12.4` to `v1.12.5`
- Added reference to `kyvernocli` with version `v1.12.5`

## [3.2.5-bb.4] - 2024-07-30
### Changed
- Update secret sync test script to check for kyverno-bbtest-secret already existing.
- Update secret sync test script to check for secret sync policy before creating namespace.
- Update gluon to latest v0.5.2

Kyverno Policies📜

  • !4868: kyvernoPolicies update to 3.2.5-bb.2
  • !4846: kyvernoPolicies update to 3.2.5-bb.1
  • !4784: kyvernoPolicies update to 3.2.5-bb.0
# Changelog Updates

## [3.2.5-bb.2] - 2024-07-31
### Changed
- Updated chart/templates/exception-require-non-root-group.yaml:apiVersion: from `kyverno.io/v2beta1` to the latest version `kyverno.io/v2`
- chart/templates/exception-require-non-root-user.yaml:apiVersion: from `kyverno.io/v2beta1` to `kyverno.io/v2`
- chart/templates/update-automountserviceaccounttokens.yaml apiVersion:

## [3.2.5-bb.1] - 2024-07-27
### Changed
- Gluon updated from `0.5.0` to `0.5.2`
- `ironbank/opensource/kubernetes/kubectl` updated from `v1.29.4` to `v1.29.7`

## [3.2.5-bb.0] - 2024-07-23
### Changed
- Updated versions in version and annotations under Chart.yaml to match Kyverno chart that we are currently using - 3.2.5

Kyverno Reporter📜

  • !4878: kyverno-reporter update to 2.24.0 bb.2
  • !4828: kyvernoReporter update to 2.24.0-bb.1
# Changelog Updates

## [2.24.0-bb.2] - 2024-08-05
### Changed
- Updated image from `registry1.dso.mil/ironbank/opensource/kyverno/policy-reporter:2.20.0` to `registry1.dso.mil/ironbank/opensource/kyverno/policy-reporter:2.20.1`
- Updated `gluon` package dependency version from `0.5.0` to `0.5.2`

## [2.24.0-bb.1] - 2024-07-26
### Changed
- Added `bigbang.labels` to `chart/templates/deployment.yaml`, `chart/templates/cronjob-summary-report.yaml` and `chart/templates/cronjob-violations-report.yaml` to conform to Kiali requirements
- Updated `docs/DEVELOPMENT_MAINTENANCE.md`

Elasticsearch Kibana📜

  • !4863: elasticsearchKibana update to 1.17.0-bb.4
# Changelog Updates

## [1.17.0-bb.4] - 2024-07-26
### Changed
- Add `elasticsearch.podDisruptionBudget` to `values.yaml`

Fluentbit📜

  • !4873: fluentbit update to 0.47.5-bb.1
  • !4821: fluentbit update to 0.47.5-bb.0
# Changelog Updates

## [0.47.5-bb.1] - 2024-08-01
### Changed
- Remove redundant items from test/test-values.yaml

## [0.47.5-bb.0] - 2024-07-26
### Changed
- Updated fluent-bit: 3.1.3 -> 3.1.4
- Updated gluon: 0.5.0 -> 0.5.2

Neuvector📜

  • !4794: neuvector update to 2.7.7-bb.3
# Changelog Updates

## [2.7.7-bb.3] - 2024-07-24
### Changed
- Added `version` pod label to deployments and daemonset to conform to Kiali requirements
- Updated `docs/DEVELOPMENT_MAINTENANCE.md` [Modifications made to upstream chart](https://repo1.dso.mil/big-bang/product/packages/neuvector/-/blob/main/docs/DEVELOPMENT_MAINTENANCE.md?ref_type=heads#modifications-made-to-upstream-chart) section to reflect changes

Tempo📜

  • !4823: tempo update to 1.10.1-bb.0
# Changelog Updates

## [1.10.1-bb.0] - 2024-07-26
### Updated
- Synchronized with upstream chart version 1.10.1
- Update gluon: 0.5.0 > 0.5.1

Monitoring📜

  • !4824: Update Docs on changing the Grafana credentials
# Changelog Updates

## [61.2.0-bb.4] - 2024-08-05
### Fixed
- Use global imagePullSecret Only

## [61.2.0-bb.3] - 2024-08-01
### Changed
- Remove redundant items from test/test-values.yaml

Grafana📜

  • !4864: grafana update to 8.3.6-bb.1
  • !4822: grafana update to 8.3.6-bb.0
  • !4811: grafana update to 8.3.4-bb.2
  • !4796: grafana update to 8.3.4-bb.1
# Changelog Updates

## [8.3.6-bb.1] - 2024-08-01
### Changed
- Remove redundant items from `test/test-values.yaml`

## [8.3.6-bb.0] - 2024-07-25
### Changed
- gluon updated from 0.5.0 to 0.5.2

## [8.3.4-bb.2] - 2024-07-24
### Changed
- Updated `templates/deployment.yaml` and `templates/statefulset.yaml` to use `tpl` for `.Values.podLabels` to allow setting Kiali required `app` and `version` labels
- Set `app` and `version` label defaults via `.Values.podLabels`

## [8.3.4-bb.1] - 2024-07-24
### Changed
- Added update helm dep step to DEVELOPMENT_MAINTENANCE
- Updated gluon helm dependency from 0.4.10 to 0.5.0

Twistlock📜

  • !4883: twistlock update to 0.16.0-bb.0
  • !4804: twistlock update to 0.15.0-bb.17
# Changelog Updates

## [0.16.0-bb.0] - 2024-07-27
### Changed
- gluon updated from 0.5.0 to 0.5.2
- ironbank/twistlock/console/console updated from 32.01.128 to 32.03.125

## [0.15.0-bb.17] - 2024-07-25
### Changed
- Added `app` and `version` labels to defender pods to conform to Kiali requirements
- Updated `docs/DEVELOPMENT_MAINTENANCE.md` [Modifications made to upstream](https://repo1.dso.mil/big-bang/product/packages/twistlock/-/blob/main/docs/DEVELOPMENT_MAINTENANCE.md?ref_type=heads#modifications-made-to-upstream) section to reflect changes

Argocd📜

  • !4835: argocd update to 7.3.11-bb.0
  • !4779: argocd update to 7.3.9-bb.0
# Changelog Updates

## [7.3.11-bb.0] - 2024-07-29
### Changed
- Update ironbank/big-bang/argocd v2.11.5 -> v2.11.7
- Updated registry1.dso.mil/ironbank/big-bang/argocd v2.11.5 -> v2.11.7
- Updated gluon from 0.5.0 -> 0.5.2

## [7.3.9-bb.0] - 2024-07-19
### Changed
- Update ironbank/big-bang/argocd v2.11.3 -> v2.11.4
- Updated registry1.dso.mil/ironbank/big-bang/argocd v2.11.4 -> v2.11.5
- Updated registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.61.0 -> v1.62.0
- Updated redis-bb /registry1.dso.mil/bigbang 19.5.5-bb.0 -> 19.6.2-bb.0

Minio Operator📜

  • !4852: minioOperator update to 5.0.16-bb.3
  • !4847: minioOperator update to 5.0.16-bb.2
# Changelog Updates

## [5.0.16-bb.3] - 2024-07-31
### Added
- Added `bigbang.labels` helper function to authservice under `templates/bigbang`
- Added call to `bigbang.labels` function in pod template section of `chart/templates/console-deployment.yaml` and `chart/templates/operator-deployment.yaml`

## [5.0.16-bb.2] - 2024-07-24
### Changed
- Removed duplicate test values located in Big Bang repo

Gitlab📜

  • !4875: gitlab update to 8.2.1-bb.0
# Changelog Updates

## [8.2.1-bb.0] - 2024-08-02
### Added
- Introduces `registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base:17.2.1` as `gitlabBase` image where we previously used `ubi9` for some `initContainers`.

### Changed
- Update appVersion 17.1.2 -> 17.2.1
- Update helm chart 8.1.2 -> 8.2.1
- Update registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter v1.61.0 -> v1.62.0
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages 17.1.2 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl 17.1.2 -> 17.2.1

Nexus📜

  • !4777: nexusRepositoryManager update to 70.1.0-bb.0
# Changelog Updates

## [70.1.0-bb.0] - 2024-07-19
### Changed
- Updated chart to version: 70.1.0-bb.0 | appVersion: 3.70.1-02
- Updated devops-tester 1.0.0 -> 1.1.1

Anchore Enterprise📜

  • !4861: anchore update to 2.9.0-bb.0
  • !4840: anchore update to 2.7.0-bb.7
# Changelog Updates

## [2.9.0-bb.0] - 2024-08-01
### Changed
- Updated Anchore Enterprise chart to `2.9.0`
- Updated Anchore Enterprise tag to `5.8.0`
- Updated Anchore Enterprise UI tag to `5.8.0`
- Updated Anchore Feeds chart to `2.8.0`
- Updated Cypress dependency to `v13.13.2`

## [2.7.0-bb.8] - 2024-07-31
### Changed
- Updated Gluon subchart dependency to `0.5.2`
- Updated Redis chart dependency to `19.6.2-bb.0`

## [2.7.0-bb.7] - 2024-07-30
### Changed
- Updated charts to be able to exclude imagePullSecrets

Mattermost Operator📜

  • !4834: mattermostOperator update to 1.22.0-bb.2
  • !4789: mattermostOperator update to 1.22.0-bb.1
# Changelog Updates

## [1.22.0-bb.2] - 2024-07-29
### Changed
- Updated ironbank image to latest v1.22.0
- Updated CRD references to v1.22.0; the KPTfile and actual content were already pulled from v1.22.0 upstream but the chart references lagged at 1.20.1.

## [1.22.0-bb.1] - 2024-07-23
### Changed
- Added integration testing instructions for External Secrets Operator

Mattermost📜

  • !4853: mattermost update to 9.10.1-bb.0
  • !4801: mattermost update to 9.10.0-bb.3
  • !4792: mattermost update to 9.10.0-bb.2
  • !4790: mattermost update to 9.10.0-bb.1
# Changelog Updates

## [9.10.1-bb.0] - 2024-07-30
### Changed
- gluon updated from 0.5.0 to 0.5.2
- ironbank/opensource/mattermost/mattermost updated from 9.10.0 to 9.10.1

## [9.10.0-bb.3] - 2024-07-25
### Changed
- Documentation updates to move release notes from a README item to a chart annotation

## [9.10.0-bb.2] - 2024-07-24
### Changed
- Adding the init container back

## [9.10.0-bb.1] - 2024-07-23
### Changed
- Added integration testing instructions for External Secrets Operator

Velero📜

  • !4876: velero update to 6.7.0-bb.7
  • !4871: velero update to 6.7.0-bb.6
# Changelog Updates

## [6.7.0-bb.7] - 2024-08-02
### Changed
- Updated kubectl to v1.29.7
- URL fixes in DEVELOPMENT_MAINTENANCE.md

## [6.7.0-bb.6] - 2024-08-02
### Changed
- Updated test-values.yaml file to remove duplicate values that are already set in the chart defaults

## [6.7.0-bb.5] - 2024-08-01
### Added
- Added `bigbang.labels` helper function to authservice under `templates/bigbang`
- Added call to `bigbang.labels` function in pod template section of `chart/templates/deployment.yaml`

Keycloak📜

  • !4857: keycloak update to 2.4.3-bb.3
# Changelog Updates

## [2.4.3-bb.3] - 2024-08-01
### Added
- Added "start" argument to the chart/values.yaml.

Thanos📜

  • !4836: thanos update to 15.7.9-bb.6
  • !4776: thanos update to 15.7.9-bb.5
# Changelog Updates

## [15.7.9-bb.6] - 2024-07-29
### Fixed
- Remove unnecessary `match` rule in VirtualService

## [15.7.9-bb.5] - 2024-07-19
### Changed
- Set retention to forever with values to set to 0s

Known Issues📜

  • Kiali - ISSUE

    • On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the flowcontrol.apiserver.k8s.io/v1beta2 api version (no longer served as of v1.29).

    In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.

    $ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io
    

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.