Release Notes - 2.39.1📜

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.30.3 (RKE2).

Patch-Specific Changes📜

!5359: gitlab update to 8.3.6-bb.1
!5358: vault update to 0.28.1-bb.11

Upgrade Notices📜

BigBang - MR:
- This release requires Kubernetes 1.29 because 1.28 has passed its EOL date.
Vault - MR:
- Vault is upgrading from 1.17.6 to 1.18.0 . Please, follow the official upgrade notices and instructions found here:
  - https://developer.hashicorp.com/vault/docs/platform/k8s/helm/run#upgradingvaultonkubernetes
  - Primarily:
    1. backup your data
    2. The helm upgrade command should have updated the StatefulSet template for the Vault servers, however, no pods have been deleted. The pods must be manually deleted to upgrade. Deleting the pods does not delete any persisted data. The vault will be sealed after the upgrade, and must be unsealed.

Upgrades from previous releases📜

If coming from a version pre-2.39.0, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-2.39.0.

Packages📜

Package	Type	Package Version	BB Version
Alloy	Addon	`1.3.1`	`1.5.4-bb.1`
Anchore Enterprise	Addon	`5.9.0`	`2.10.0-bb.1`
Argocd	Addon	`2.12.4`	`7.6.6-bb.0`
Authservice	Addon	`1.0.2`	`1.0.2-bb.0`
Cluster Auditor	Core	`0.0.7`	`1.5.0-bb.22`
Eck Operator	Core	`2.14.0`	`2.14.0-bb.0`
Elasticsearch Kibana	Core	Kibana `8.15.1` Elasticsearch `8.15.1`	`1.19.0-bb.4`
External Secrets	Addon	`0.10.2`	`0.10.2-bb.1`
Fluentbit	Core	`3.1.9`	`0.47.10-bb.1`
Fortify	Addon	`24.2.0.0186`	`1.1.2320154-bb.19`
Gatekeeper	Core	`3.17.1`	`3.17.1-bb.1`
Gitlab	Addon	`17.3.6`	`8.3.6-bb.1` 🔗
Gitlab Runner	Addon	`17.2.1`	`0.67.1-bb.1`
Grafana	Core	`11.2.2`	`8.5.5-bb.0`
Haproxy	Addon	`2.2.33`	`1.19.3-bb.8`
Harbor	Addon	`2.11.0`	`1.15.1-bb.1`
Holocron	Addon	`3.3.2`	`1.0.11`
Istio Controlplane	Core	Istio `1.23.2` Tetrate Istio Distro `1.23.2`	`1.23.2-bb.0`
Istio Operator	Core	Istio Operator `1.23.2` Tetrate Istio Distro Operator `1.23.2`	`1.23.2-bb.0`
Jaeger	Core	`1.61.0`	`2.57.0-bb.0`
Keycloak	Addon	`25.0.6`	`2.5.1-bb.0`
Kiali	Core	`1.89.7`	`1.89.7-bb.1`
Kyverno	Core	`1.12.6`	`3.2.7-bb.0`
Kyverno Policies	Core	`3.2.6`	`3.2.6-bb.0`
Kyverno Reporter	Core	`2.20.2`	`2.24.2-bb.1`
Loki	Core	`3.1.1`	`6.12.0-bb.7`
Mattermost	Addon	`10.1.2`	`10.1.2-bb.0`
Mattermost Operator	Addon	`1.22.1`	`1.22.1-bb.0`
Metrics Server	Addon	`0.7.2`	`3.12.2-bb.1`
Minio	Addon	`RELEASE.2024-06-04T19-20-08Z`	`6.0.4-bb.0`
Minio Operator	Addon	`6.0.4`	`6.0.4-bb.0`
Monitoring	Core	Prometheus `2.54.1` Grafana `11.1.0` Alertmanager `0.27.0`	`62.4.0-bb.0`
Neuvector	Core	`5.3.4`	`2.7.8-bb.4`
Nexus	Addon	`3.73.0-12`	`73.0.0-bb.0`
Promtail	Core	`3.0.0`	`6.16.2-bb.4`
Sonarqube	Addon	`10.6.0-community`	`10.6.1-bb.2`
Tempo	Core	Tempo `2.5.0` Tempo Query `2.5.0`	`1.10.3-bb.5`
Thanos	Addon	`0.36.1`	`15.7.20-bb.1`
Twistlock	Core	`32.03.125`	`0.16.0-bb.2`
Vault	Addon	`1.18.0`	`0.28.1-bb.11` 🔗
Velero	Addon	`1.14.1`	`7.2.1-bb.3`
Wrapper	Core	N / A	`0.4.10`

Changes in 2.39.1📜

Big Bang MRs📜

!5317: require 1.29
!5256: Removed all references to Kiali label helpers and helper itself
!5261: Fixes OCI Clean Install for Big Bang

Gitlab📜

!5359: gitlab update to 8.3.6-bb.1
!5280: gitlab update to 8.2.9-bb.1
!5289: gitlab update to 8.2.9-bb.2
!5295: gitlab update to 8.2.9-bb.3
!5302: gitlab update to 8.2.9-bb.4

# Changelog Updates

## [8.3.6-bb.1] - 2024-11-04
### Changed
- fix template helper to include proper security context

## [8.3.6-bb.0] - 2024-10-23
### Changed
- ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter (source) v1.64.1 -> v1.65.0
- registry1.dso.mil/ironbank/gitlab/gitlab/certificates (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-base (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice (source) v17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse (source) 17.2.9 -> 17.3.6
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl (source) 17.2.9 -> 17.3.6

Vault📜

!5358: SKIP UPGRADE CHECK vault update to 0.28.1-bb.11

# Changelog Updates

## [0.28.1-bb.11] - 2024-10-14
### Changed
- Updated ironbank image to 1.18.0

## [0.28.1-bb.9] - 2024-10-03
### Changed
- Removed hardcoded minio labels

Known Issues📜

Kiali - ISSUE
On Kubernetes 1.29+, the kiali operator may fail with a 404 while running the kiali-deploy playbook if the cluster returns the flowcontrol.apiserver.k8s.io/v1beta2 api version (no longer served as of v1.29).

In this case, removing the invalid api version should resolve the issue and allow the kiali operator to run successfully.

$ kubectl delete apiservices.apiregistration.k8s.io v1beta2.flowcontrol.apiserver.k8s.io

Helpful Links📜

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Open issues here
Join our chat
Check out the documentation for guidance on how to get started

Future📜

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.