Release Notes - 2.35.0📜
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).
Upgrade Notices📜
- Istio-controlplane - MR:
- Istio gets updated to
1.22.4
. Big Bang apps should automatically cycle to get the latest sidecar version and config. Be sure to cycle pods for any community or tenant applications manually.
- Istio gets updated to
- Mattermost - MR:
- Postgresql using the builtin bitnami module does not upgrade gracefully. You must manually backup and restore your database before accepting this upgrade. Using the builtin postgresql module is not a supported configuration in production environments.
- Velero - MR (not in this release):
- You will need a temporary fix in the values for velero to run:
addons: velero: values: podLabels: app: 'velero' version: '1.14.1
- You will need a temporary fix in the values for velero to run:
Upgrades from previous releases📜
If coming from a version pre-2.34.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.34.0
.
Packages📜
Package | Type | Package Version | BB Version |
---|---|---|---|
Istio Controlplane | Core | Istio 1.22.4 Tetrate Istio Distro 1.22.4 |
1.22.4-bb.1 🔗 |
Istio Operator | Core | Istio Operator 1.22.4 Tetrate Istio Distro Operator 1.22.4 |
1.22.4-bb.0 🔗 |
Jaeger | Core | 1.60.1 |
2.56.0-bb.0 🔗 |
Kiali | Core | 1.89.0 |
1.89.0-bb.0 🔗 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.21 |
Gatekeeper | Core | 3.16.3 |
3.16.3-bb.1 |
Kyverno | Core | 1.12.5 |
3.2.6-bb.0 |
Kyverno Policies | Core | 3.2.5 |
3.2.5-bb.3 |
Kyverno Reporter | Core | 2.20.1 |
2.24.1-bb.0 |
Elasticsearch Kibana | Core | Kibana 8.14.3 Elasticsearch 8.14.3 |
1.18.0-bb.0 |
Eck Operator | Core | 2.14.0 |
2.14.0-bb.0 🔗 |
Fluentbit | Core | 3.1.6 |
0.47.7-bb.0 🔗 |
Promtail | Core | 3.0.0 |
6.16.2-bb.3 |
Loki | Core | 3.1.1 |
6.10.0-bb.0 |
Neuvector | Core | 5.3.4 |
2.7.8-bb.1 🔗 |
Tempo | Core | Tempo 2.5.0 Tempo Query 2.5.0 |
1.10.3-bb.0 🔗 |
Monitoring | Core | Prometheus 2.53.0 Grafana 11.1.0 Alertmanager 0.27.0 |
62.1.0-bb.0 🔗 |
Grafana | Core | 11.1.4 |
8.4.6-bb.1 🔗 |
Twistlock | Core | 32.03.125 |
0.16.0-bb.1 |
Wrapper | Core | N / A | 0.4.10 |
Argocd | Addon | 2.12.0 |
7.4.0-bb.1 🔗 |
Authservice | Addon | 1.0.1 |
1.0.1-bb.5 🔗 |
Minio Operator | Addon | 6.0.2 |
6.0.2-bb.2 🔗 |
Minio | Addon | RELEASE.2024-06-04T19-20-08Z |
6.0.2-bb.3 🔗 |
Gitlab | Addon | 17.2.4 |
8.2.4-bb.0 🔗 |
Gitlab Runner | Addon | 17.1.0 |
0.66.0-bb.1 🔗 |
Nexus | Addon | 3.71.0-06 |
71.0.0-bb.0 |
Sonarqube | Addon | 9.9.6-community |
8.0.6-bb.3 |
Fortify | Addon | 24.2.0.0186 |
1.1.2320154-bb.17 🔗 |
Haproxy | Addon | 2.2.33 |
1.19.3-bb.8 🔗 |
Anchore Enterprise | Addon | 5.8.1 |
2.9.0-bb.6 🔗 |
Mattermost Operator | Addon | 1.22.0 |
1.22.0-bb.5 |
Mattermost | Addon | 9.10.1 |
9.10.1-bb.4 🔗 |
Velero | Addon | 1.14.1 |
7.1.5-bb.0 🔗 |
Keycloak | Addon | 25.0.2 |
2.4.3-bb.5 🔗 |
Vault | Addon | 1.17.3 |
0.28.1-bb.2 🔗 |
Metrics Server | Addon | 0.7.1 |
3.12.1-bb.4 |
Harbor | Addon | 2.11.0 |
1.15.0-bb.1 |
Holocron | Addon | 3.3.2 |
1.0.11 |
Thanos | Addon | 0.36.1 |
15.7.20-bb.0 🔗 |
External Secrets | Addon | 0.9.18 |
0.9.18-bb.7 |
Changes in 2.35.0📜
Big Bang MRs📜
- !4880: Resolve “Istio injection for namespaces should be optional for all charts”
Istio Controlplane📜
# Changelog Updates
## [1.22.4-bb.1] - 2024-08-22
### Changed
- Updating Istio `oscal-component.yaml` to include Lula validations for automated assessment
### Added
- Added `oscal-assessment-results.yaml` as a threshold for automated governance
## [1.22.4-bb.0] - 2024-08-21
### Changed
- ironbank/opensource/istio/install-cni updated from 1.22.3 to 1.22.4
- ironbank/opensource/istio/pilot updated from 1.22.3 to 1.22.4
- ironbank/opensource/istio/proxyv2 updated from 1.22.3 to 1.22.4
- ironbank/tetrate/istio/install-cni updated from 1.22.3 to 1.22.4
- ironbank/tetrate/istio/pilot updated from 1.22.3 to 1.22.4
- ironbank/tetrate/istio/proxyv2 updated from 1.22.3 to 1.22.4
### Istio Operator
- [!4988](https://repo1.dso.mil/big-bang/bigbang/-/merge_requests/4988): istioOperator update to 1.22.4-bb.0
```markdown
# Changelog Updates
## [1.22.4-bb.0] - 2024-08-21
### Changed
- Updated registry1.dso.mil/ironbank/opensource/istio/operator from 1.22.3 to 1.22.4
- Updated registry1.dso.mil/ironbank/tetrate/istio/operator from 1.22.3-tetratefips-v0 to 1.22.4-tetratefips-v0
Jaeger📜
- !5012: jaeger update to 2.56.0-bb.0
# Changelog Updates
## [2.56.0-bb.0] - 2024-08-22
### Added
- Update jaegar 2.54.0 -> 2.56.0
- Update jaegertracing 1.57.0 -> 1.60.0
- Update gluon 0.5.0 -> 0.5.3
Kiali📜
- !4978: kiali update to 1.89.0-bb.0
# Changelog Updates
## [1.89.0-bb.0] - 2024-08-20
### Changed
- Updated Kiali to v1.89.0
- Updated registry1.dso.mil/ironbank/opensource/kiali/kiali to 1.89.0
- Updated registry1.dso.mil/ironbank/opensource/kiali/kiali-operator to 1.89.1
Eck Operator📜
- !5006: eckOperator update to 2.14.0-bb.0
# Changelog Updates
## [2.14.0-bb.0] - 2024-08-21
### Changed
- eck-operator 2.13.0 -> 2.14.0
Fluentbit📜
- !4959: fluentbit update to 0.47.7-bb.0
# Changelog Updates
## [0.47.7-bb.0] - 2024-08-16
### Changed
- Updated fluent-bit: 3.1.5 -> 3.1.6
Neuvector📜
- !4974: neuvector update to 2.7.8-bb.1
# Changelog Updates
## [2.7.8-bb.1] - 2024-08-20
### Changed
- Changed cypress tests to support retries
Tempo📜
# Changelog Updates
## [1.10.3-bb.0] - 2024-08-23
### Updated
- Synchronized with upstream chart version 1.10.3
- Update gluon: 0.5.1 > 0.5.3
## [1.10.1-bb.1] - 2024-08-23
### Changed
- Updated templating in `chart/templates/statefulset.yaml` to add `tpl` for label interpretation
Monitoring📜
- !4976: monitoring update to 62.1.0-bb.0
# Changelog Updates
## [62.1.0-bb.0] - 2024-08-20
### Updated
- Updated `kube-prometheus-stack` from `61.2.0` -> `62.1.0`
Grafana📜
# Changelog Updates
## [8.4.6-bb.1] - 2024-08-26
### Updated
- Removed previous kiali label epic changes and updated to new pattern
## [8.4.6-bb.0] - 2024-08-20
### Changed
- ironbank/big-bang/grafana/grafana-plugins updated from 11.1.3 to 11.1.4
Argocd📜
# Changelog Updates
## [7.4.0-bb.1] - 2024-08-22
### Changed
- Updated cypress test to use new test project
- Removed kyverno policy overrides from test values
## [7.4.0-bb.0] - 2024-08-09
### Changed
- Update gluon 0.5.2 -> 0.5.3
- Update registry1.dso.mil/ironbank/big-bang/argocd v2.11.7 -> v.2.12.0
- Update registry1.dso.mil/ironbank/opensource/dexidp/dex v2.40.0 -> v2.41.1
Authservice📜
- !5001: authservice update to 1.0.1-bb.5
# Changelog Updates
## [1.0.1-bb.5] - 2024-08-23
### Updated
- Removed previous kiali label epic changes and updated to new pattern
Minio Operator📜
- !4997: feat: Add Kiali labels for Minio/MinioOperator
# Changelog Updates
## [6.0.2-bb.2] - 2024-08-26
### Added
- Added `podLabels` input value
- Added usage of `podLabels` in `chart/templates/operator-deployment.yaml`
### Removed
- Removed `bigbang.labels` helper function to authservice under `templates/bigbang`
- Removed call to `bigbang.labels` function in pod template section of `chart/templates/operator-deployment.yaml`
Minio📜
# Changelog Updates
## [6.0.2-bb.3] - 2024-08-26
### Added
- Added `podLabels` input value
- Added usage of `podLabels` in `chart/templates/tenant.yaml`
## [6.0.2-bb.2] - 2024-08-21
### Changed
- Updated to RELEASE.2024-08-17T11-33-50Z
Gitlab📜
# Changelog Updates
## [8.2.4-bb.0] - 2024-08-27
### Changed
- Update gitlab appVersion from 17.2.2 -> 17.2.4
- Update chart version from 8.2.2-bb.1 -> 8.2.4-bb.0
- Update gluon from 0.5.0 -> 0.5.3
- Update ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.2 -> 17.2.4
- Update registry1.dso.mil/ironbank/opensource/postgres/postgresql (source) -> 14.12 -> 14.13
## [8.2.2-bb.1] - 2024-08-20
### Changed
- Update renovate.json to include package rule which ensures postgres version remains on major version 14
Gitlab Runner📜
- !4996: gitlabRunner update to 0.66.0-bb.1
# Changelog Updates
## [0.66.0-bb.1] - 2024-08-20
### Changed
- Update kyverno cluster policy to handle the runner secret sync to multiple external namespaces
Fortify📜
- !4992: fortify update to 1.1.2320154-bb.17
# Changelog Updates
## [1.1.2320154-bb.17] - 2024-08-22
### Added
- Added allow-sidecar-scraping NetworkPolicy
Haproxy📜
- !5005: haproxy update to 1.19.3-bb.8
# Changelog Updates
## [1.19.3-bb.8] - 2024-08-26
### Updated
- Removed previous kiali label epic changes and updated to new pattern
Anchore Enterprise📜
# Changelog Updates
## [2.9.0-bb.6] - 2024-08-23
### Changed
- Updated templating in `chart/deps/feeds/deps/postgresql/templates/statefulset-replicas.yaml` to add `tpl` for label interpretation
- Updated templating in `chart/deps/feeds/deps/postgresql/templates/statefulset.yaml` to add `tpl` for label interpretation
- Updated templating in `chart/deps/feeds/templates/_common.tpl` to add `tpl` for label interpretation
- Updated templating in `chart/deps/postgresql/templates/statefulset-replicas.yaml` to add `tpl` for label interpretation
- Updated templating in `chart/deps/postgresql/templates/statefulset.yaml` to add `tpl` for label interpretation
- Updated templating in `chart/templates/_common.tpl` to add `tpl` for label interpretation
## [2.9.0-bb.5] - 2024-08-20
### Changed
- Updated Anchore Feeds chart to `2.8.1`
## [2.9.0-bb.4] - 2024-08-19
### Changed
- Updated Redis chart dependency to `20.0.1-bb.0`
- Updated Redis to 7.4.0
- Updated kubectl to 1.29.8
- Updated Cypress dependency to `v13.13.3`
Mattermost📜
- !4904: feat: Add Kiali labels for Mattermost/MattermostOperator
- !4918: mattermost update to 9.10.1-bb.3
- !4912: mattermost update to 9.10.1-bb.2
# Changelog Updates
## [9.10.1-bb.4] - 2024-08-13
### Changed
- Update usage of podLabels in mattermost chart
## [9.10.1-bb.3] - 2024-08-13
### Added
- Added minio-operator-authz-policy.yaml to allow minio-operator access to monitor the tenant
## [9.10.1-bb.2] - 2024-08-12
### Changed
- Upgrade builtin postgresql 10.3.5 -> 12.12.10
Velero📜
- !5030: velero update to 7.1.5-bb.0
- !5010: velero update to 6.7.0-bb.10
- !4985: velero update to 6.7.0-bb.9
# Changelog Updates
## [7.1.5-bb.0] - 2024-08-30
### Updated
- Updated velero version to 7.1.5
- velero/velero-plugin-for-aws v1.9.2 -> v1.10.1
- velero/velero-restore-helper v1.13.2 -> v1.14.1
## [6.7.0-bb.10] - 2024-08-27
### Updated
- Removed previous kiali label epic changes and updated to new pattern
## [6.7.0-bb.9] - 2024-08-21
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.29.7 -> v1.29.8
- Updated ironbank/opensource/nginx/nginx 1.26.1 -> 1.26.2
Keycloak📜
- !4998: keycloak update to 2.4.3-bb.5
# Changelog Updates
## [2.4.3-bb.5] - 2024-08-23
### Updated
- Removed previous kiali label epic changes and updated to new pattern
Vault📜
# Changelog Updates
## [0.28.1-bb.2] - 2024-08-27
### Updated
- Modified templating for `extraLabels` on `csi-daemonset.yaml`, `injector-deployment.yaml` and `server-statefulset.yaml` to use `tpl` to support passing kiali-required labels
## [0.28.1-bb.1] - 2024-08-21
### Changed
- ironbank/hashicorp/vault 1.14.10 -> 1.17.3
- Updated minio-instance 5.0.15-bb.2 -> 6.0.2-bb.2
Thanos📜
- !4987: thanos update to 15.7.20-bb.0
# Changelog Updates
## [15.7.20-bb.0] - 2024-08-21
### Upgraded
- Upgraded Thanos from `v0.36.0` -> `v0.36.1`
Known Issues📜
- Kiali - ISSUE
- On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the
flowcontrol.apiserver.k8s.io/v1beta2
api version (no longer served as of v1.29).
In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.
$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io
$ flux reconcile -n bigbang helmrelease gitlab --force --with-source
Helpful Links📜
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future📜
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.