Release Notes - 2.36.0📜
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).
Upgrade Notices📜
- Mattermost - MR:
- When using the builtin bitnami postgresql server module (which is not a supported configuration outside of development environments), upgrading causes fatal error (postgres v15 > v16).
- Database files are incompatible with server.
The data directory was initialized by PostgreSQL version 15, which is not compatible with this version 16.2.
- When deploying this upgrade to installations using the builtin bitnami postgresql server, you must delete your postgresql pods and storage and recreate them manually.
Upgrades from previous releases📜
If coming from a version pre-2.35.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.35.0
.
Packages📜
Package | Type | Package Version | BB Version |
---|---|---|---|
Anchore Enterprise | Addon | 5.9.0 |
2.10.0-bb.0 🔗 |
Argocd | Addon | 2.12.0 |
7.4.0-bb.1 |
Authservice | Addon | 1.0.1 |
1.0.1-bb.5 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.21 |
Eck Operator | Core | 2.14.0 |
2.14.0-bb.0 |
Elasticsearch Kibana | Core | Kibana 8.14.3 Elasticsearch 8.14.3 |
1.18.0-bb.2 🔗 |
External Secrets | Addon | 0.9.20 |
0.9.20-bb.3 🔗 |
Fluentbit | Core | 3.1.7 |
0.47.9-bb.0 🔗 |
Fortify | Addon | 24.2.0.0186 |
1.1.2320154-bb.19 🔗 |
Gatekeeper | Core | 3.17.0 |
3.17.0-bb.0 🔗 |
Gitlab | Addon | 17.2.7 |
8.2.7-bb.0 🔗 |
Gitlab Runner | Addon | 17.2.1 |
0.67.1-bb.1 🔗 |
Grafana | Core | 11.2.0 |
8.5.1-bb.0 🔗 |
Haproxy | Addon | 2.2.33 |
1.19.3-bb.8 |
Harbor | Addon | 2.11.0 |
1.15.0-bb.1 |
Holocron | Addon | 3.3.2 |
1.0.11 |
Istio Controlplane | Core | Istio 1.22.4 Tetrate Istio Distro 1.22.4 |
1.22.4-bb.1 |
Istio Operator | Core | Istio Operator 1.22.4 Tetrate Istio Distro Operator 1.22.4 |
1.22.4-bb.0 |
Jaeger | Core | 1.60.1 |
2.56.0-bb.0 |
Keycloak | Addon | 25.0.2 |
2.4.3-bb.5 |
Kiali | Core | 1.89.0 |
1.89.0-bb.1 🔗 |
Kyverno | Core | 1.12.5 |
3.2.6-bb.0 |
Kyverno Policies | Core | 3.2.5 |
3.2.5-bb.5 🔗 |
Kyverno Reporter | Core | 2.20.1 |
2.24.1-bb.0 |
Loki | Core | 3.1.1 |
6.12.0-bb.4 🔗 |
Mattermost | Addon | 9.11.1 |
9.11.1-bb.0 🔗 |
Mattermost Operator | Addon | 1.22.0 |
1.22.0-bb.5 |
Metrics Server | Addon | 0.7.1 |
3.12.1-bb.4 |
Minio | Addon | RELEASE.2024-06-04T19-20-08Z |
6.0.2-bb.3 |
Minio Operator | Addon | 6.0.2 |
6.0.2-bb.2 |
Monitoring | Core | Prometheus 2.54.1 Grafana 11.1.0 Alertmanager 0.27.0 |
62.4.0-bb.0 🔗 |
Neuvector | Core | 5.3.4 |
2.7.8-bb.1 |
Nexus | Addon | 3.71.0-06 |
71.0.0-bb.0 |
Promtail | Core | 3.0.0 |
6.16.2-bb.3 |
Sonarqube | Addon | 9.9.6-community |
8.0.6-bb.4 🔗 |
Tempo | Core | Tempo 2.5.0 Tempo Query 2.5.0 |
1.10.3-bb.5 🔗 |
Thanos | Addon | 0.36.1 |
15.7.20-bb.1 🔗 |
Twistlock | Core | 32.03.125 |
0.16.0-bb.1 |
Vault | Addon | 1.17.5 |
0.28.1-bb.6 🔗 |
Velero | Addon | 1.14.1 |
7.1.5-bb.0 |
Wrapper | Core | N / A | 0.4.10 |
Changes in 2.36.0📜
Big Bang MRs📜
- !5093: fix thanos values for minio logic
- !5076: Create Exception to the automount Service Account Kyverno-Policy
- !5074: Add wait job
Kiali📜
# Changelog Updates
## [1.89.0-bb.1] - 2024-09-05
### Added
- Added `sso` key that defaults to false. Needed for downstream changes that rely on this in `chart/templates/bigbang/ssoServiceEntry.yaml` and `chart/templates/bigbang/networkpolicies/egress-sso.yml`.
### Changed
- Updated `chart/templates/bigbang/ssoServiceEntry.yaml` and `chart/templates/bigbang/networkpolicies/egress-sso.yml` to use the sso key to check before assuming that `cr.spec.auth.openid.issuer_uri` is set just because `cr.spec.auth.strategy` is `"openid"`.
Gatekeeper📜
- !4999: gatekeeper update to 3.17.0-bb.0
# Changelog Updates
## [3.17.0-bb.0] - 2024-08-22
### Changed
- Updated ironbank/opensource/openpolicyagent/gatekeeper v3.16.3 -> v3.17.0
- Updated registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper v3.16.3 -> v3.17.0
- updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl from v1.29.6 -> v1.29.8
- Update gluon from 0.50 to 0.5.3
Kyverno Policies📜
- !5081: kyvernoPolicies update to 3.2.5-bb.5
# Changelog Updates
## [3.2.5-bb.5] - 2024-09-09
### Changed
- set generateExisting to false
## [3.2.5-bb.4] - 2024-08-20
### Changed
- Added GenerateExisting option for clone-config.yaml
- Updated gluon from 0.5.2 to 0.5.3
Elasticsearch Kibana📜
- !5039: elasticsearchKibana update to 1.18.0-bb.2
# Changelog Updates
## [1.18.0-bb.2] - 2024-08-29
### Changed
- Fix bug in prometheus subchart that errored when trying to parse podLabels
- Ran a fresh helm dependency update to sync the subchart archive to the copy in deps
## [1.18.0-bb.1] - 2024-08-13
### Changed
- Adds the ability to supply the kiali-required labels app and version via the umbrella chart.
Fluentbit📜
# Changelog Updates
## [0.47.9-bb.0] - 2024-09-04
### Changed
- Updated fluent-bit: 3.1.6 -> 3.1.7
- Updated gluon 0.5.3 -> 0.5.4
Loki📜
# Changelog Updates
## [6.12.0-bb.4] - 2024-09-18
### Fixed
- Fixed cypress formatting/phrasing
## [6.12.0-bb.3] - 2024-09-18
### Fixed
- Fixed dashboard regular expressions for new grafana format
## [6.12.0-bb.2] - 2024-09-18
### Fixed
- Fixed cypress test relating to grafana upgrade
## [6.12.0-bb.1] - 2024-09-12
### Added
- Added a network policy allowing ingress from Grafana Alloy
## [6.12.0-bb.0] - 2024-09-08
### Updated
- Updated `gluon` from `0.5.3` -> `0.5.4`
- Updated `minio-instance` from `5.0.16-bb.0` -> `6.0.2-bb.0`
- Updated `k8s-sidecar` from `1.27.5` -> `1.27.6`
- Updated `kubectl` from `v1.29.7` -> `v1.29.8`
- Updated `memcached` from `1.6.29` -> `1.6.30`
- Updated `nginx` from `1.26.1` -> `1.26.2`
Tempo📜
- !5079: tempo update to 1.10.3-bb.1
# Changelog Updates
## [1.10.3-bb.5] - 2024-09-18
### Added
- Fixed phrasing of cypress test relating to grafana upgrade
## [1.10.3-bb.4] - 2024-09-18
### Added
- Fixed formatting of cypress test relating to grafana upgrade
## [1.10.3-bb.3] - 2024-09-18
### Added
- Fixed cypress test relating to grafana upgrade
## [1.10.3-bb.2] - 2024-09-16
### Updated
- Included ports 4317 and 4318 in the `includeInboundPorts` annotation on the tempo podspec
## [1.10.3-bb.1] - 2024-09-12
### Added
- Added a network policy allowing ingress from Grafana Alloy
Monitoring📜
- !5055: monitoring update to 62.4.0-bb.0
# Changelog Updates
## [62.4.0-bb.0] - 2024-08-20
### Updated
- Updated `kube-prometheus-stack` from `62.1.0` -> `62.4.0`
- Updated `grafana` from `8.3.8` -> `8.5.1`
- Updated `kube-state-metrics` from `5.22.1` -> `5.25.1`
- Updated `prometheus-node-exporter` from `4.38.0` -> `4.39.0`
- Updated `prometheus-windows-exporter` from `0.3.1` -> `0.5.2`
Grafana📜
- !5073: grafana update to 8.5.1-bb.0
# Changelog Updates
## [8.5.1-bb.0] - 2024-09-06
### Changed
- gluon updated from 0.5.3 to 0.5.4
- ironbank/big-bang/grafana/grafana-plugins updated from 11.1.4 to 11.2.0
- ironbank/kiwigrid/k8s-sidecar updated from 1.27.5 to 1.27.6
Gitlab📜
- !5106: Merge branch ‘update-gitlab-tag-8.2.7-bb.0’ into ‘release-2.36.x’
- !5103: gitlab update to 8.2.7-bb.0
- !5089: gitlab update to 8.2.5-bb.0
# Changelog Updates
## [8.2.7-bb.0] - 2024-09-18
### Changed
- Update ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.5 -> 17.2.7
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.5 -> 17.2.7
## [8.2.5-bb.0] - 2024-09-17
### Changed
- Update ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter (source) v1.62.0 -> v1.63.0
- Update registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.4 -> 17.2.5
- Update registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.4 -> 17.2.5
Gitlab Runner📜
- !5047: gitlabRunner update to 0.67.1-bb.0
# Changelog Updates
## [0.67.1-bb.1] - 2024-09-09
### Changed
- Fix changelog notes
- Add AuthorizationPolicy for metrics port targets
## [0.67.1-bb.0] - 2024-09-04
### Changed
- Update gluon 0.5.0 -> 0.5.4
- Update registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner 17.1.0 -> 17.2.1
- Update registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner-helper 17.1.0 -> 17.2.1
Sonarqube📜
- !5052: Sonarqube labels additions & tag to v8.0.6-bb.4
# Changelog Updates
## [8.0.6-bb.4] - 2024-08-27
### Changed
- Modified templating for `podLabels` for `deployment.yaml`, `sonarqube-sts.yaml`, `statefulset.yaml`, and `statefulset-slaves.yamll` to use `tpl` to support passing kiali-required labels.
Fortify📜
- !5041: fortify update to 1.1.2320154-bb.18
# Changelog Updates
## [1.1.2320154-bb.19] - 2024-09-10
### Added
- Modified templating for `podLabels` in `webapp.yaml` to use `tpl` function to support passing kiali-required labels.
- Added app and verison podLabels in values.yaml under mysql.primary.podLabels.
## [1.1.2320154-bb.18] - 2024-08-22
### Added
- Added configurations to allow for adding extra volumes, volume mounts and init containers to the webapp
Anchore Enterprise📜
# Changelog Updates
## [2.10.0-bb.0] - 2024-09-09
### Changed
- Updated Anchore Enterprise chart to `2.10.0`
- Updated Anchore Feeds chart to `2.9.0`
## [2.9.0-bb.11] - 2024-09-06
### Changed
- Fix common labels
## [2.9.0-bb.10] - 2024-09-06
### Changed
- Updated Anchore Enterprise tag to `5.9.0`
- Updated Anchore Enterprise UI tag to `5.9.0`
- Updated Gluon subchart dependency to `0.5.4`
- Updated Cypress dependency to `v13.14.2`
## [2.9.0-bb.9] - 2024-09-05
### Changed
- Re-numbered CHANGELOG to prevent duplicate entries
## [2.9.0-bb.8] - 2024-08-30
### Changed
- Resync with upstream commit [abca795cfb04c61d6242509bdd34634a2f405928](https://github.com/anchore/anchore-charts/tree/abca795cfb04c61d6242509bdd34634a2f405928)
## [2.9.0-bb.7] - 2024-08-23
### Changed
- Fix SSO configure job to work when TLS certificates are used
Mattermost📜
- !5043: SKIP UPGRADE CHECK: mattermost update to 9.11.1-bb.0
# Changelog Updates
## [9.11.1-bb.0] - 2024-08-29
### Changed
- ironbank/opensource/mattermost/mattermost updated from 9.10.1 to 9.11.1
- ironbank/opensource/postgres/postgresql updated from 15.7 to 16.2
- ironbank/opensource/postgres/postgresql12 updated from 12.19 to 12.20
## [9.10.1-bb.5] - 2024-08-13
### Removed
- Removed monitoring-authz Authorization Policy after adding to main chart
Vault📜
- !5084: vault update to 0.28.1-bb.6
# Changelog Updates
## [0.28.1-bb.6] - 2024-09-12
### Changed
- Update Security Context for Secrets Store CSI Driver to comply with Kyverno policies
## [0.28.1-bb-5] - 2024-09-06
### Changed
- Reversed changes to cypress test
## [0.28.1-bb.4] - 2024-09-05
### Changed
- Gluon from 0.5.3 -> 0.5.4
## [0.28.1-bb.3] - 2024-09-04
### Changed
- Upgraded registry1.dso.mil/ironbank/hashicorp/vault 1.17.3 -> 1.17.5
Thanos📜
- !5061: thanos update to 15.7.20-bb.1
# Changelog Updates
## [15.7.20-bb.1] - 2024-09-9
### Added
- Added Virtual Service for accessing Thanos MinIO Tenant
External Secrets📜
- !5085: fix mistake with external secrets git tag SKIP UPGRADE
- !4964: externalSecrets update to 0.9.20-bb.3
# Changelog Updates
## [0.9.20-bb.3] - 2024-08-19
### Changed
- Added label for webhook
## [0.9.20-bb.2] - 2024-08-01
### Changed
- Updated to gluon 0.5.2
Known Issues📜
- Kiali - ISSUE
- On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the
flowcontrol.apiserver.k8s.io/v1beta2
api version (no longer served as of v1.29).
In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.
$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io
Helpful Links📜
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future📜
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.