Skip to content

Release Notes - 2.36.0📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).

Upgrade Notices📜

  • Mattermost - MR:
    • When using the builtin bitnami postgresql server module (which is not a supported configuration outside of development environments), upgrading causes fatal error (postgres v15 > v16).
    • Database files are incompatible with server.
    • The data directory was initialized by PostgreSQL version 15, which is not compatible with this version 16.2.
    • When deploying this upgrade to installations using the builtin bitnami postgresql server, you must delete your postgresql pods and storage and recreate them manually.

Upgrades from previous releases📜

If coming from a version pre-2.35.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.35.0.

Packages📜

Package Type Package Version BB Version
Updated Anchore Enterprise Addon 5.9.0 2.10.0-bb.0 🔗
Argocd Addon 2.12.0 7.4.0-bb.1
Authservice Addon 1.0.1 1.0.1-bb.5
Cluster Auditor Core 0.0.7 1.5.0-bb.21
Eck Operator Core 2.14.0 2.14.0-bb.0
Updated Elasticsearch Kibana Core Kibana 8.14.3 Elasticsearch 8.14.3 1.18.0-bb.2 🔗
Updated External Secrets BETA Addon 0.9.20 0.9.20-bb.3 🔗
Updated Fluentbit Core 3.1.7 0.47.9-bb.0 🔗
Updated Fortify Addon 24.2.0.0186 1.1.2320154-bb.19 🔗
Updated Gatekeeper Core 3.17.0 3.17.0-bb.0 🔗
Updated Gitlab Addon 17.2.7 8.2.7-bb.0 🔗
Updated Gitlab Runner Addon 17.2.1 0.67.1-bb.1 🔗
Updated Grafana Core 11.2.0 8.5.1-bb.0 🔗
Haproxy Addon 2.2.33 1.19.3-bb.8
Harbor Addon 2.11.0 1.15.0-bb.1
Holocron Addon 3.3.2 1.0.11
Istio Controlplane Core Istio 1.22.4 Tetrate Istio Distro 1.22.4 1.22.4-bb.1
Istio Operator Core Istio Operator 1.22.4 Tetrate Istio Distro Operator 1.22.4 1.22.4-bb.0
Jaeger Core 1.60.1 2.56.0-bb.0
Keycloak Addon 25.0.2 2.4.3-bb.5
Updated Kiali Core 1.89.0 1.89.0-bb.1 🔗
Kyverno Core 1.12.5 3.2.6-bb.0
Updated Kyverno Policies Core 3.2.5 3.2.5-bb.5 🔗
Kyverno Reporter Core 2.20.1 2.24.1-bb.0
Updated Loki Core 3.1.1 6.12.0-bb.4 🔗
Updated Mattermost Addon 9.11.1 9.11.1-bb.0 🔗
Mattermost Operator Addon 1.22.0 1.22.0-bb.5
Metrics Server Addon 0.7.1 3.12.1-bb.4
Minio Addon RELEASE.2024-06-04T19-20-08Z 6.0.2-bb.3
Minio Operator Addon 6.0.2 6.0.2-bb.2
Updated Monitoring Core Prometheus 2.54.1 Grafana 11.1.0 Alertmanager 0.27.0 62.4.0-bb.0 🔗
Neuvector Core 5.3.4 2.7.8-bb.1
Nexus Addon 3.71.0-06 71.0.0-bb.0
Promtail Core 3.0.0 6.16.2-bb.3
Updated Sonarqube Addon 9.9.6-community 8.0.6-bb.4 🔗
Updated Tempo Core Tempo 2.5.0 Tempo Query 2.5.0 1.10.3-bb.5 🔗
Updated Thanos Addon 0.36.1 15.7.20-bb.1 🔗
Twistlock Core 32.03.125 0.16.0-bb.1
Updated Vault Addon 1.17.5 0.28.1-bb.6 🔗
Velero Addon 1.14.1 7.1.5-bb.0
Wrapper Core N / A 0.4.10

Changes in 2.36.0📜

Big Bang MRs📜

  • !5093: fix thanos values for minio logic
  • !5076: Create Exception to the automount Service Account Kyverno-Policy
  • !5074: Add wait job

Kiali📜

  • !4957: Thanos: Add Kiali labels
  • !5045: Kiali fix openid settings when sso is not enabled
# Changelog Updates

## [1.89.0-bb.1] - 2024-09-05
### Added
- Added `sso` key that defaults to false. Needed for downstream changes that rely on this in `chart/templates/bigbang/ssoServiceEntry.yaml` and `chart/templates/bigbang/networkpolicies/egress-sso.yml`.

### Changed
- Updated `chart/templates/bigbang/ssoServiceEntry.yaml` and `chart/templates/bigbang/networkpolicies/egress-sso.yml` to use the sso key to check before assuming that `cr.spec.auth.openid.issuer_uri` is set just because `cr.spec.auth.strategy` is `"openid"`.

Gatekeeper📜

  • !4999: gatekeeper update to 3.17.0-bb.0
# Changelog Updates

## [3.17.0-bb.0] - 2024-08-22
### Changed
- Updated ironbank/opensource/openpolicyagent/gatekeeper v3.16.3 -> v3.17.0
- Updated registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper v3.16.3 -> v3.17.0
- updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl from v1.29.6 -> v1.29.8
- Update gluon from 0.50 to 0.5.3

Kyverno Policies📜

  • !5081: kyvernoPolicies update to 3.2.5-bb.5
# Changelog Updates

## [3.2.5-bb.5] - 2024-09-09
### Changed
- set generateExisting to false

## [3.2.5-bb.4] - 2024-08-20
### Changed
- Added GenerateExisting option for clone-config.yaml
- Updated gluon from 0.5.2 to 0.5.3

Elasticsearch Kibana📜

  • !5039: elasticsearchKibana update to 1.18.0-bb.2
# Changelog Updates

## [1.18.0-bb.2] - 2024-08-29
### Changed
- Fix bug in prometheus subchart that errored when trying to parse podLabels
- Ran a fresh helm dependency update to sync the subchart archive to the copy in deps

## [1.18.0-bb.1] - 2024-08-13
### Changed
- Adds the ability to supply the kiali-required labels app and version via the umbrella chart.

Fluentbit📜

  • !5044: fluentbit update to 0.47.9-bb.0
  • !5039: elasticsearchKibana update to 1.18.0-bb.2
# Changelog Updates

## [0.47.9-bb.0] - 2024-09-04
### Changed
- Updated fluent-bit: 3.1.6 -> 3.1.7
- Updated gluon 0.5.3 -> 0.5.4

Loki📜

  • !5078: loki update to 6.12.0-bb.1
  • !5059: loki update to 6.12.0-bb.0
# Changelog Updates

## [6.12.0-bb.4] - 2024-09-18
### Fixed
- Fixed cypress formatting/phrasing

## [6.12.0-bb.3] - 2024-09-18
### Fixed
- Fixed dashboard regular expressions for new grafana format

## [6.12.0-bb.2] - 2024-09-18
### Fixed
- Fixed cypress test relating to grafana upgrade

## [6.12.0-bb.1] - 2024-09-12
### Added
- Added a network policy allowing ingress from Grafana Alloy

## [6.12.0-bb.0] - 2024-09-08
### Updated
- Updated `gluon` from `0.5.3` -> `0.5.4`
- Updated `minio-instance` from `5.0.16-bb.0` -> `6.0.2-bb.0`
- Updated `k8s-sidecar` from `1.27.5` -> `1.27.6`
- Updated `kubectl` from `v1.29.7` -> `v1.29.8`
- Updated `memcached` from `1.6.29` -> `1.6.30`
- Updated `nginx` from `1.26.1` -> `1.26.2`

Tempo📜

  • !5079: tempo update to 1.10.3-bb.1
# Changelog Updates

## [1.10.3-bb.5] - 2024-09-18
### Added
- Fixed phrasing of cypress test relating to grafana upgrade

## [1.10.3-bb.4] - 2024-09-18
### Added
- Fixed formatting of cypress test relating to grafana upgrade

## [1.10.3-bb.3] - 2024-09-18
### Added
- Fixed cypress test relating to grafana upgrade

## [1.10.3-bb.2] - 2024-09-16
### Updated
- Included ports 4317 and 4318 in the `includeInboundPorts` annotation on the tempo podspec

## [1.10.3-bb.1] - 2024-09-12
### Added
- Added a network policy allowing ingress from Grafana Alloy

Monitoring📜

  • !5055: monitoring update to 62.4.0-bb.0
# Changelog Updates

## [62.4.0-bb.0] - 2024-08-20
### Updated
- Updated `kube-prometheus-stack` from `62.1.0` -> `62.4.0`
- Updated `grafana` from `8.3.8` -> `8.5.1`
- Updated `kube-state-metrics` from `5.22.1` -> `5.25.1`
- Updated `prometheus-node-exporter` from `4.38.0` -> `4.39.0`
- Updated `prometheus-windows-exporter` from `0.3.1` -> `0.5.2`

Grafana📜

  • !5073: grafana update to 8.5.1-bb.0
# Changelog Updates

## [8.5.1-bb.0] - 2024-09-06
### Changed
- gluon updated from 0.5.3 to 0.5.4
- ironbank/big-bang/grafana/grafana-plugins updated from 11.1.4 to 11.2.0
- ironbank/kiwigrid/k8s-sidecar updated from 1.27.5 to 1.27.6

Gitlab📜

  • !5106: Merge branch ‘update-gitlab-tag-8.2.7-bb.0’ into ‘release-2.36.x’
  • !5103: gitlab update to 8.2.7-bb.0
  • !5089: gitlab update to 8.2.5-bb.0
# Changelog Updates

## [8.2.7-bb.0] - 2024-09-18
### Changed
- Update ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.5 -> 17.2.7

## [8.2.5-bb.0] - 2024-09-17
### Changed
- Update ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter (source) v1.62.0 -> v1.63.0
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.4 -> 17.2.5

Gitlab Runner📜

  • !5047: gitlabRunner update to 0.67.1-bb.0
# Changelog Updates

## [0.67.1-bb.1] - 2024-09-09
### Changed
- Fix changelog notes
- Add AuthorizationPolicy for metrics port targets

## [0.67.1-bb.0] - 2024-09-04
### Changed
- Update gluon 0.5.0 -> 0.5.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner 17.1.0 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner-helper 17.1.0 -> 17.2.1

Sonarqube📜

  • !5052: Sonarqube labels additions & tag to v8.0.6-bb.4
# Changelog Updates

## [8.0.6-bb.4] - 2024-08-27
### Changed
- Modified templating for `podLabels` for `deployment.yaml`, `sonarqube-sts.yaml`, `statefulset.yaml`, and `statefulset-slaves.yamll` to use `tpl` to support passing kiali-required labels.

Fortify📜

  • !5041: fortify update to 1.1.2320154-bb.18
# Changelog Updates

## [1.1.2320154-bb.19] - 2024-09-10
### Added
- Modified templating for `podLabels` in `webapp.yaml` to use `tpl` function to support passing kiali-required labels.
- Added app and verison podLabels in values.yaml under mysql.primary.podLabels.

## [1.1.2320154-bb.18] - 2024-08-22
### Added
- Added configurations to allow for adding extra volumes, volume mounts and init containers to the webapp

Anchore Enterprise📜

  • !5056: anchore update to 2.10.0-bb.0
  • !5049: anchore update to 2.9.0-bb.11
# Changelog Updates

## [2.10.0-bb.0] - 2024-09-09
### Changed
- Updated Anchore Enterprise chart to `2.10.0`
- Updated Anchore Feeds chart to `2.9.0`

## [2.9.0-bb.11] - 2024-09-06
### Changed
- Fix common labels

## [2.9.0-bb.10] - 2024-09-06
### Changed
- Updated Anchore Enterprise tag to `5.9.0`
- Updated Anchore Enterprise UI tag to `5.9.0`
- Updated Gluon subchart dependency to `0.5.4`
- Updated Cypress dependency to `v13.14.2`

## [2.9.0-bb.9] - 2024-09-05
### Changed
- Re-numbered CHANGELOG to prevent duplicate entries

## [2.9.0-bb.8] - 2024-08-30
### Changed
- Resync with upstream commit [abca795cfb04c61d6242509bdd34634a2f405928](https://github.com/anchore/anchore-charts/tree/abca795cfb04c61d6242509bdd34634a2f405928)

## [2.9.0-bb.7] - 2024-08-23
### Changed
- Fix SSO configure job to work when TLS certificates are used

Mattermost📜

  • !5043: SKIP UPGRADE CHECK: mattermost update to 9.11.1-bb.0
# Changelog Updates

## [9.11.1-bb.0] - 2024-08-29
### Changed
- ironbank/opensource/mattermost/mattermost updated from 9.10.1 to 9.11.1
- ironbank/opensource/postgres/postgresql updated from 15.7 to 16.2
- ironbank/opensource/postgres/postgresql12 updated from 12.19 to 12.20

## [9.10.1-bb.5] - 2024-08-13
### Removed
- Removed monitoring-authz Authorization Policy after adding to main chart

Vault📜

  • !5084: vault update to 0.28.1-bb.6
# Changelog Updates

## [0.28.1-bb.6] - 2024-09-12
### Changed
- Update Security Context for Secrets Store CSI Driver to comply with Kyverno policies

## [0.28.1-bb-5] - 2024-09-06
### Changed
- Reversed changes to cypress test

## [0.28.1-bb.4] - 2024-09-05
### Changed
- Gluon from 0.5.3 -> 0.5.4

## [0.28.1-bb.3] - 2024-09-04
### Changed
- Upgraded registry1.dso.mil/ironbank/hashicorp/vault 1.17.3 -> 1.17.5

Thanos📜

  • !5061: thanos update to 15.7.20-bb.1
# Changelog Updates

## [15.7.20-bb.1] - 2024-09-9
### Added
- Added Virtual Service for accessing Thanos MinIO Tenant

External Secrets📜

  • !5085: fix mistake with external secrets git tag SKIP UPGRADE
  • !4964: externalSecrets update to 0.9.20-bb.3
# Changelog Updates

## [0.9.20-bb.3] - 2024-08-19
### Changed
- Added label for webhook

## [0.9.20-bb.2] - 2024-08-01
### Changed
- Updated to gluon 0.5.2

Known Issues📜

  • Kiali - ISSUE
  • On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the flowcontrol.apiserver.k8s.io/v1beta2 api version (no longer served as of v1.29).

In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.

$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.